This week's articles
Snaring the Bad Folks
#aws, #defend, #monitor
Blog post introducing Snare, Netflix's Detection, Enrichment, and Response platform for handling cloud security related findings. Snare is responsible for receiving millions of records a minute, analyzing, alerting, and responding to them.
Falco 101
#explain, #falco
All you need to learn to get started with Falco.
Zero Trust with Envoy, SPIRE and Open Policy Agent (OPA)
#build, #opa
Blog exploring one of the key principles of Zero Trust, around authenticating and authorizing every request before a service is allowed to access a resource, and defining a simple OPA policy that demonstrates how service to service communication can be protected.
Pod Security Graduates to Beta
#announcement, #defend, #kubernetes
With the release of Kubernetes v1.23, Pod Security admission has now entered beta. Pod Security is a built-in admission controller that evaluates pod specifications against a predefined set of Pod Security Standards and determines whether to admit or deny the pod from running.
AWS SageMaker Jupyter Notebook Instance Takeover
#attack, #aws
An attacker can run any code on a victim's SageMaker JupyterLab Notebook Instance across accounts. This means that an attacker can access the Notebook Instance metadata endpoint and steal the access token for the attached role.
|