Why do we need to apply Virtual Patching on the websites?
Safeguarding the company’s assets against existing and emerging vulnerabilities is the most critical task that security teams are struggling with.
Various tools are used to achieve Deep Security virtual patching. They include: Web Application Firewall (WAF), Intrusion Prevention System (IPS)
From the technical point of view, the initial mitigation strategy would be for an organization to rectify the discovered vulnerability
Today’s systems can be considered as very advanced as well as complex, with multiple dependencies and interrelationships. It requires a
The term patch is misleading because the vulnerable system is not being patched. A quick repair job for a piece
“Virtual Patching” is a term that was initially used by Intrusion Prevention System vendors many years ago. It is also
With the running application, we want to access one service. Let’s create a ClusterIP type of service. We can: Create
Kube-Proxy Kube-proxy implements a form of virtual IP for services for all types except ExternalName. Three modes are: (a) Proxy-mode:
Key Terms Nodes: Virtual host(s) on which containers/pods are running. Kubernetes Service: A logical set of pods that perform identical
Key Terms: Pods: One or more containers that share the storage and network with a Kubernetes configuration, mentioning the behavior
Security should extend beyond images and workloads and defend the complete environment, as well as the cluster infrastructure. You want
Kubernetes Security: Runtime Phase The runtime phase exposes containerised applications to a slew of recent security challenges. The aim is
Overview : Remote Code Execution vuln in Zend Framework 3.0.0 Affected Product(s) : Zend Framework 3.0.0 Vulnerability Details : CVE
Overview : Tenda N300 allows Authentication Bypass vuln through Malformed HTTP Request Affected Product(s) : N300/N301 Router Vulnerability Details :
Overview : Multiple vulnerabilities like Unprotected AJAX Action & Cross-Site Request Forgery reported in XCloner Affected Product(s) : versions before
Overview : Pure-FTPd 1.0.48 allows remote attackers to prevent legitimate server use by making enough connections to exceed the connection
Kubernetes Container Security in Deployment Phase Kubernetes infrastructure ought to be designed firmly before workloads are deployed. From a security
Overview : Kubernetes Security: Build Phase Securing containers and Kubernetes starts in the build phase with securing your container images.
Overview : DoS vulnerability in the file upload request feature of Atlassian Crucible Affected Product(s) : version < 4.7.4 4.8.0
Overview : Around 87% of organizations are using Kubernetes container orchestration to manage their container workloads. Each of the security
Overview : Kubernetes helps enterprises automate their application deployment for business benefits. Nowadays Kubernetes security can be
Overview : HCL BigFix Inventory does not enforce “secure” attribute for SSO related cookies when SSO is enabled. Web browsers
Overview : Online Bus Ticket Reservation 1.0 – SQL Injection Affected Product(s) : Version: 1.0 Vulnerability Details : CVE ID
Overview : Multiple vulnerabilities reported in BIG-IP Traffic Management User Interface Affected Product(s) : BIG-IP versions 16.0.0 – 16.0.0.1 BIG-IP