This week's articles
Snaring the Bad Folks
Blog post introducing Snare, Netflix's Detection, Enrichment, and Response platform for handling cloud-security-related findings. Snare receives millions of records a minute, then analyzes, alerts on, and responds to them.
#aws
#defend
#monitor
Falco 101
All you need to learn to get started with Falco.
#explain
#falco
Zero Trust with Envoy, SPIRE and Open Policy Agent (OPA)
Blog exploring one of the key principles of Zero Trust: authenticating and authorizing every request before a service is allowed to access a resource. It defines a simple OPA policy that demonstrates how service-to-service communication can be protected.
#build
#opa
Pod Security Graduates to Beta
With the release of Kubernetes v1.23, Pod Security admission has now entered beta. Pod Security is a built-in admission controller that evaluates pod specifications against a predefined set of Pod Security Standards and determines whether to admit or deny the pod.
#announcement
#defend
#kubernetes
AWS SageMaker Jupyter Notebook Instance Takeover
An attacker can run any code on a victim's SageMaker JupyterLab Notebook Instance across accounts. This means that an attacker can access the Notebook Instance metadata endpoint and steal the access token for the attached role.
#attack
#aws