The Chainguard team has released a new whitepaper titled "All About That Base Image", which aims to help software professionals better understand the security debt of popular base images by analyzing the number, severity, and lifetime of vulnerabilities.

What should a startup without a security team do for security?

Post introducing a new plugin created by the Falco Authors to collect Okta Log Events and be able to trigger alerts whenever suspicious events are detected.

Article covering why DFIR for Kubernetes is so important and how to assess your container DFIR capabilities.

Some good pointers around basic security controls for container registries.

Overview of key threats for cloud environments, with a focus on Linux malware, database malware, malicious cryptomining code, and ransomware.

Abusing webhooks to compromise the webhook provider.

A proof-of-concept exploit allowing an attacker having compromised a container to escape to the underlying host and gain host-level administrative privileges. The code for the PoC is also available on Github.

Some common attack techniques that an attacker can use to exploit your Google Cloud Platform (GCP) environment, gain permissions, and steal information via services like Dataproc, Dataflow, and Composer.

Multiple investigations and testing by the CrowdStrike Services team identified inconsistencies in Azure AD sign-in logs.

Correlates serviceaccounts, pods and nodes to the permissions granted to them via rolebindings and clusterrolesbindings.

Monitor and detect crashes in your Kubernetes cluster instantly.

Add comments to pull requests where tfsec checks have failed.

Kubernetes mutating webhook to fetch secrets from AWS Secrets Manager.

Today, you can centrally close member accounts in your AWS organization enabling easier and more efficient account management of your AWS environment. This means you're able to close member accounts from your organization's management account without needing to login to each member account individually with root credentials.

Some identity and security considerations when designing the security for your SaaS apps.

How Trend Micro integrated with Amazon S3 Object Lambda to deliver malware scanning as objects are being retrieved from Amazon S3, and how you can use File Storage Security to detect, quarantine, and manage potential malware risk.

Find out the fundamental concepts of SCPs, and strategies to implement them.

DIU is implementing a secure cloud access solution in a production environment after a successful year-long prototype.

Add static and dynamic severity levels to your alert policies for easier triaging and include these in notifications when sent to 3rd party services.

The Always Encrypted feature brings client-side encryption capabilities to Azure Cosmos DB and allows you to put an extra level of protection on your sensitive data.

Azure Bastion native client support brings you the ability to connect to target VMs from the command line and log in using your Azure Active Directory credentials.