vulnerabilities
Software Supply Chain Security: Why 99% of Your Container is Mystery Code
In a recent talk, the disparity between developers and platform engineers in container security was highlighted, revealing how a single line of code can pull in thousands of vulnerabilities. This article discusses ...
Chainguard Adds Support for Multi-Layer Hardened Container Images
Chainguard has added support for multi-layer images to its repository for accessing hardened container images that are free of vulnerabilities. Jason Hall, principal engineer for Chainguard, said that while it has been ...
Remote Code Execution Vulnerabilities Surface in Ingress Nginx
Tel-Aviv’s Wiz Research team says it has identified a series of unauthenticated Remote Code Execution (RCE) vulnerabilities in the Ingress Nginx Controller for Kubernetes. ...
Unlocking the Full Potential of Container Vulnerability Scans
Given the complex dependencies of container images, which can rely on other container images with potential vulnerabilities, it is crucial for developers to proactively identify and address container security vulnerabilities before deployment ...
Survey Surfaces Cloud-Native Application Security Challenges
A global survey of 600 DevOps, engineering and security professionals finds more than two-thirds (67%) reporting their organization has delayed or slowed application development as a result of security concerns. Conducted by ...
Best of 2023: Three Newly-Discovered Kubernetes Ingress Vulnerabilities Create Security Challenge
Three vulnerabilities were disclosed that impact ingress controllers based on open source Nginx software embedded within Kubernetes clusters ...
ARMO Brings VEX to Kubernetes Security Posture Management Platform
ARMO added support for VEX to Kubescape, an open source security posture management project for Kubernetes ...
KSOC Shares List of Top Eight Kubernetes Vulnerabilities
Kubernetes Security Operations Center (KSOC) has published a list of the eight Kubernetes vulnerabilities that are most likely to be exploited. The list is based on an Exploit Prediction Scoring System (EPSS) ...
Sysdig Report Surfaces Major Lack of Container Security
A new Sysdig report finds 87% of container images have high-risk vulnerabilities of which 15% make their way into runtime environments. The report also finds that 71% of those vulnerabilities have a ...
Overcoming Container Security Gaps With Active Vulnerability Management
Organizations can reduce security risks in containerized applications by actively managing vulnerabilities through scanning, automated image deployment, tracking runtime risk and deploying mitigating controls. Kubernetes and containers have become de facto standards ...
