HackDig : Dig high-quality web security articles for hackers

File Integrity Monitoring: Detecting suspicious file activity inside a container

In this blog, we will explore suspicious file activity inside a container and see how to effectively implement a file integrity monitoring (FIM) workflow. We’ll also cover how Sysdig Secure can help you implement FIM for both containers and Linux hosts. What is file integrity monitoring (FIM)? File integrity monitoring gives you visibility into
Publish At:2020-06-30 13:20 | Read:95 | Comments:0 | Tags:Falco Sysdig Secure compliance falco Image scanning

Improving the Prometheus exporter for Amazon CloudWatch

A Prometheus CloudWatch exporter is a key element for anyone wanting to monitor AWS CloudWatch. Exporting CloudWatch metrics to a Prometheus server lets you leverage the power of PromQL queries, integrate AWS metrics with those from other applications or cloud providers, and create advanced dashboards for digging down into problems. But, who wa
Publish At:2020-05-24 09:25 | Read:179 | Comments:0 | Tags:AWS Falco falco Monitoring PromCat Prometheus Sysdig Monitor

Falco Support on AWS Fargate

Today we’re very excited to announce a partnership with Amazon to support Fargate in Sysdig’s product line. We are also announcing that Falco, the world’s most popular runtime security tool for containers, will soon be able to work on Fargate. This is an important milestone. For the first time, Fargate users will enjoy the benefit of deep instrumentation.
Publish At:2020-04-08 18:40 | Read:542 | Comments:0 | Tags:AWS Falco falco

PCI Compliance for Containers and Kubernetes

In this blog, we will cover the various requirements you need to meet to achieve PCI compliance, as well as how Sysdig Secure can help you continuously validate PCI compliance for containers and Kubernetes. What is PCI DSS Compliance?
Publish At:2020-03-31 11:45 | Read:266 | Comments:0 | Tags:Sysdig Secure compliance falco

Image scanning for CircleCI

In this blog post, we are going to cover how to perform container image scanning for CircleCI using Sysdig Secure. Image scanning allows DevOps teams to detect and resolve issues, like known vulnerabilities and incorrect configurations, directly in their CI/CD pipelines. Using Sysdig Secure, you can enforce image policies to block vulnerabilities befo
Publish At:2020-02-20 14:09 | Read:386 | Comments:0 | Tags:Kubernetes Sysdig Secure CircleCI falco Github Openshift

Announcing the Cloud Native Security Hub

One of the main benefits to standardized infrastructure is the ability to share application resources across entities. We are taking advantage of this with the Cloud Native Security Hub as we start to explore how to standardize cloud native security. Securing cloud native environments is a new challenge for any team trying to bring these workloads to
Publish At:2019-11-18 23:50 | Read:648 | Comments:0 | Tags:Falco falco Kubernetes Sysdig Secure Cloud

Image scanning for Azure Pipelines

In this blog post, you’ll learn how to set up image scanning for Azure Pipelines using Sysdig Secure DevOps Platform. Azure DevOps gives teams tools like version control, reporting, project management, automated builds, lab management, testing, and release management. Azure Pipelines automates the execution of CI/CD tasks, like building the container i
Publish At:2019-11-11 23:50 | Read:690 | Comments:0 | Tags:Sysdig Secure Azure Azure Pipelines falco Github Kubernetes

Multi-cluster security with Falco and AWS Firelens on EKS & ECS

In this blog post, we are going to teach you how to aggregate all Kubernetes security events across your AWS container services. We’ll be using AWS FireLens to route Falco notifications, centralizing all the security events in one service, such as AWS CloudWatch. We will: Aggregate events from any AWS container platform (EKS, ECS, Kubernet
Publish At:2019-11-11 23:50 | Read:775 | Comments:0 | Tags:Falco AWS falco Kubernetes Openshift

Understanding common library implementation

The history of successful open source tooling built on common Linux libraries, by Loris Degioanni. As Falco grows in popularity, many new users get exposed to it on a daily basis. As should be expected, most of these users are not aware of what the architecture underneath Falco is. What components play a role in powering it? How do these components relate
Publish At:2019-11-11 23:50 | Read:843 | Comments:0 | Tags:Falco

33(+) Kubernetes security tools.

Kubernetes security tools … there are so freaking many of them; with different purposes, scopes and licenses. That’s why we decided to create this Kubernetes security tools list, including open source projects and
Publish At:2019-10-18 04:35 | Read:1844 | Comments:0 | Tags:Falco Sysdig Secure

How to detect Kubernetes vulnerability CVE-2019-11246 using Falco.

A recent CNCF-sponsored Kubernetes security audit uncovered CVE-2019-11246, a high-severity vulnerability affecting the command-line kubectl tool. If exploited, it could lead to a directory traversal, allowing a malicious container to replace or create files on a user’s workstation. This vulnerability stemmed from an incomplete fix of a previously disclose
Publish At:2019-10-18 04:35 | Read:1106 | Comments:0 | Tags:Falco cve Detection Vulnerability

Falco in the open

One of the most successful aspects of Kubernetes is how functionally the open source community was able to operate. Kubernetes broke itself down into smaller sections called special interest groups, which operate similarly to subsections of the kernel. Each group is responsible for a single domain, and sets its own pace. One of the most important things to a Ku
Publish At:2019-10-18 04:35 | Read:912 | Comments:0 | Tags:Falco

What’s new in Kubernetes 1.16?

Kubernetes 1.16 is almost here and it’s packed with cool new features, like ephemeral containers for easy pod debugging, support for dual-stack network in pods, many new options for the scheduler… And we are just getting started! Here is the list of what’s new in Kubernetes 1.16. Ku
Publish At:2019-10-18 04:35 | Read:786 | Comments:0 | Tags:Falco

How to detect CVE-2019-14287 using Falco

A recent flaw, CVE-2019-14287, has been found in sudo. In this blog post, we are going to show you how to use Falco or Sysdig Secure to detect any exploit attempts against this vulnerability. sudo allows users to run commands with other user privileges. It is typically used to allow unprivileged users to execute commands as root. The issue exists in t
Publish At:2019-10-18 04:35 | Read:829 | Comments:0 | Tags:Falco cve

SELinux, Seccomp, Falco, and You: A Technical Discussion

One of the questions we often get when we talk about Sysdig Falco is “How does it compare to other tools like SELinux, AppArmor, Auditd, etc. that also have security policies?” To help answer some of those questions, we thought we’d present a summary of other related security products and how they compare to Sysdig Falco. Specifically, we’ll l
Publish At:2017-01-19 23:00 | Read:5711 | Comments:0 | Tags:Uncategorized falco Sysdig Falco Info Sec
