A New Open-Source Tool that Fills a Critical Serverless Security Gap 

By: Ariel Shuper
Nov 22 2022

One of the main attractions of moving software to the cloud has always been the “shared responsibility model,” wherein the cloud provider deploys, protects, and maintains the underlying infrastructure and execution environment and the custom...

OpenSSL 3.0 Critical Vulnerabilities: Should You be Spooked?

By: Sarabjeet Chugh
Nov 1 2022

Don’t be. Act now—use Panoptica to scan for OpenSSL vulnerabilities for free. On November 1, the OpenSSL Project team released a critical patch for OpenSSL 3.0. The patch—OpenSSL 3.0.7—will fix this vulnerability in the library affecting ...

Why Now Is the Time for CISOs to Embrace CNAPP for Cloud Native Security

By: Ran Ilany
Apr 20 2022

“Breaking down silos” is a common phrase in the world of DevOps and DevSecOps. Ironically, though, if you look at how many DevOps and DevSecOps cloud native security tools actually work, you realize that the tools used are very siloed. In...

Cisco ET&I & Cloud Native Security – Pushing boundaries & making bold bets

By: Ran Ilany
Feb 7 2022

Successful enterprises are good at what they do – so good, in fact, that it can become difficult for them to embrace new ideas. Instead, many choose to rest on the laurels of their existing products and services – Usually their successful produc...

Everything DevOps need to know about the NSA’s Kubernetes Security Guidance

By: Alexei Kravtsov
Nov 30 2021

Kubernetes security is a complex topic. So complex that the National Security Agency recently issued a 59-page guidance document on Kubernetes security hardening. Yet, when you boil this advice down, you’ll find that most sources of c...

Hardening Kubernetes Containers Security with Seccomp

By: Erez Fishimer
Aug 13 2021

Seccomps - An often overlooked way to harden Kubernetes containers’ security is by applying seccomp profiles. Customizing seccomp profiles, in effect, provides a deeply embedded line of defense that adds a layer of protection to your application i...

What’s New in Kubernetes v1.21 and Istio 1.9 Releases and their implications on DevOps?

By: Alexei Kravtsov
Jul 22 2021

Kubernetes and service mesh are increasingly interrelated, yet their new versions are released separately on different dates. Kubernetes and Istio’s last releases help to get a clearer understanding of the interplay between them and how one affect...

A new MITRE ATT&CK security framework for Containers and Kubernetes

By: Ariel Shuper
May 7 2021

Last week (April 29th) the MITRE org released the ATT&CK matrix for Containers. The release marks the culmination of a research project investigating the viability of container-related techniques into an ATT&CK matrix. Based on extensiv...