Exploiting Authentication in AWS IAM Authenticator for Kubernetes

By: Gafnit Amiga
Jul 11, 2022

Amazon Elastic Kubernetes Service (Amazon EKS) is a managed service that helps you to create, operate, and maintain Kubernetes clusters. Amazon EKS has several deployment options including AWS cloud and on-premises (Amazon EKS Anywhere). Amazon EKS ...

New Vulnerabilities in Kubernetes NGINX Ingress Controller

By: Gafnit Amiga
Jul 6, 2022

Starting in October 2021, the NGINX’s Kubernetes Ingress Controller started to come under siege from security researchers and the open salvo was delivered in the form of CVE-2021-25742 which allowed attackers to gain access to secrets st...

NGINX Custom Snippets CVE-2021-25742

By: Gafnit Amiga
Oct 27, 2021

Attackers can gain access to secrets across all namespaces The high severity alert known otherwise as CVE-2021-25742, was recently brought to the public’s attention and has prompted us to believe that it may be worthwhile to do a deeper d...

10 ways to Escalate Privileges in Kubernetes

By: Or Azarzar
Jul 27, 2021

There are so many benefits to a Kubernetes environment, which explains why usage has jumped to 83% in production, up from 78% last year. All in all, container usage has risen 300% in the past 5 years! Whether you’re using Kubernetes for its d...

Killing Cloud Security Misconceptions Part 3: Least Privilege

By: Or Azarzar
May 5, 2021

Ready to have some knowledge dropped about the principle of least privilege? Here at Panoptica, we love knocking those cloud security misconceptions out of the park! In our previous editions of this series, we spoke about how relying on CV...

Why Securing Your Cloud Is Completely Different From Securing Your On-prem Environment

By: Vladi Sandler
Apr 29, 2021

There’s a new generation of attackers among us, that can’t be denied. Offensive methodologies are constantly changing, and as organizations aggressively move to the cloud, these need to be understood before they can be protected against. One ...

Kubernetes and Container Security Tools You Must be Aware Of

By: Panoptica Team
Apr 19, 2021

Threat detection, container lifecycle management, container registries, and access control tools. Whether paid or free, the web is full of container security tools allowing developers and organizations to maintain a secure environment.&nbs...

Can There Be Too Much Cloud Visibility in a Cloud Environment?

By: Vladi Sandler
Apr 19, 2021

Everywhere you look in cloud security, you’ll see experts waxing lyrical about the importance of visibility. Trust us, we get it! If you can’t get an active and accurate view of everything that’s going on inside your environment, from con...