Advantages of Virtual Patching
Today’s systems can be considered as very advanced as well as complex, with multiple dependencies and interrelationships. It requires a
Virtual Patching: Definition
The term patch is misleading because the vulnerable system is not being patched. A quick repair job for a piece
Introduction to Virtual Patching
“Virtual Patching” is a term that was initially used by Intrusion Prevention System vendors many years ago. It is also
How to create a Kubernetes Service
With the running application, we want to access one service. Let’s create a ClusterIP type of service. We can: Create
Kube-Proxy and Headless Services
Kube-Proxy Kube-proxy implements a form of virtual IP for services for all types except ExternalName. Three modes are: (a) Proxy-mode:
Kubernetes Service Types
Key Terms Nodes: Virtual host(s) on which containers/pods are running. Kubernetes Service: A logical set of pods that perform identical
Introduction to Kubernetes Services
Key Terms: Pods: One or more containers that shares the storage and network with a Kubernetes configuration, mentioning the behavior
Kubernetes Infrastructure Security
Security should extend beyond images and workloads and defend the complete environment, as well as the cluster infrastructure. You want
Kubernetes Security – Runtime Phase
Kubernetes Security: Runtime Phase The runtime phase exposes containerised applications to a slew of recent security challenges. The aim is
Kubernetes Container Security – Deployment Phase
Kubernetes Container Security in Deployment Phase Kubernetes infrastructure ought to be designed firmly before workloads being deployed. From a security
Kubernetes Security: Build Phase
Overview : Kubernetes Security: Build Phase Securing containers and Kubernetes starts within the building part with securing your container images.
Kubernetes security risks and challenges
Overview : Around 87% of organizations are using Kubernetes container orchestration to manage their container workloads. Each of the security
Kubernetes Security – Introduction to Attack Vectors
Overview : Kubernetes helps the enterprises to automate their application deployment for the business benefits. Now-a-days Kubernetes security can be
Prediction: Cyber Space in 2021
Cyber landscape predictions FireEye Mandiant has delivered its cyber landscape predictions for the coming year, including growing and affiliate-supported espionage,
HTTP Prototype Pollution and CVE-2020-7703
Prototype Pollution Prototype Pollution is a vulnerability affecting JavaScript. Prototype Pollution refers to the ability to inject properties into existing
Jira – Open redirect vulnerability using os_destination
CVE-2019-20901 Proof of Concept : The login.jsp resource in Jira before version 8.5.2, and from version 8.6.0 before version
Deep Drill Down into Denial of service in nodejs webserver module nghttp2
Overview : nghttpd is a multi-threaded static web server. nghttpd only accepts HTTP/2 connections via NPN/ALPN or direct HTTP/2 connections.