October 2018 Summaries
3 posts from Sysdig
Filter
Month:
Year:
Post Summaries
Back to Blog
A recently disclosed vulnerability in the popular jQuery File Upload plugin, identified as CVE-2018-9206, allows malicious users to upload and execute files on a server, potentially leading to a complete takeover of the host. The vulnerability arises from a change in Apache's Web Server security settings, which exposes users to unrestricted file upload risks. Detecting this vulnerability can be challenging due to the plugin's widespread use and the potential for it to be embedded in third-party applications without clear indications. Falco, a behavioral detection system, can help identify suspicious activities by leveraging a rich stream of data from system events and implementing pre-defined rules to detect potential exploits. Beyond detection, Falco and Sysdig Secure offer tools for analyzing incidents and implementing active enforcement measures, such as node tainting or process termination, to mitigate threats. The combination of detection and response capabilities is crucial for security practitioners, particularly in containerized environments where incidents may occur within ephemeral containers.
Oct 22, 2018
556 words in the original blog post.
Falco, a behavioral activity monitoring tool from Sysdig, has joined the Cloud Native Computing Foundation (CNCF) Sandbox to enhance its role in securing cloud-native platforms like Kubernetes, Cloud Foundry, and OpenShift. This transition aims to foster community contributions, improve project governance, and enhance user experience by leveraging CNCF's support. Falco, originally created by Loris Degioanni at Sysdig, analyzes Linux system calls as event streams and allows users to write rules detecting abnormal behavior for real-time security alerts. As part of the CNCF Sandbox, Falco has transitioned to the Apache License 2.0, promoting broader adoption in the cloud-native community. The move to CNCF also involves integrating new features such as support for Kubernetes audit events and the creation of a new vendor-neutral home for its code and community resources, further emphasizing Sysdig's commitment to open source collaboration and security innovation in dynamic cloud environments.
Oct 10, 2018
1,101 words in the original blog post.
"Running Containers in Production for Dummies," a book co-authored by Sysdig team members Jorge Salamero Sanz, Eric Carter, and Knox Anderson, is designed to guide enterprises in adopting container technology by providing a comprehensive overview of containerized application deployment. Published as part of the Dummies series, this 44-page resource explores the container ecosystem, development processes, and architectures that support container environments, covering topics such as orchestrators, CI/CD/CS pipelines, monitoring, and securing containers. The book is available for free download, and a live webinar with the authors is scheduled to further discuss the content and answer questions.
Oct 05, 2018
433 words in the original blog post.