Container Security

Container Security Challenges Impacting Pace of App Dev
A global survey finds 96% of respondents reporting their companies are experiencing cloud-native application challenges that are leading to slower deployment cycles, with more than two-thirds (67%) naming security as the top ...

CrowdStrike: DoS Attack Against Russia Uses Containers
CrowdStrike today revealed that it has detected the surreptitious use of containers to launch distributed denial-of-service (DDoS) attacks against IT assets in Russia and Belarus. A Docker honeypot set up by CrowdStrike, ...

CrowdStrike Adds Container Support to Cloud Security Platform
CrowdStrike today launched a cloud-native application protection platform (CNAPP) based on its Falcon Cloud Workload Protection (CWP) offering that can now detect threats aimed at containers, prevent rogue containers from running and ...

CrowdStrike Details LemonDuck Cryptojacking Container Attack Campaign
CrowdStrike has published an alert detailing an active campaign that uses compromised containers to mine for cryptocurrency on Linux platforms launched via a botnet known as LemonDuck. LemonDuck is a cryptomining botnet ...

Chainguard Launches Platform to Enforce Secure Containers
Chainguard today launched a platform that ensures only trusted container images are run on Kubernetes clusters to ensure the integrity of a software supply chain. Chainguard Enforce! is the first product from ...

5 Best Practices for Cloud-Native Permissions
Cloud-native/microservices-based products are complex, and so is building access control and managing permissions for these products. And it’s only getting worse with each pull request. Most developers end up building authorization or ...

Outwitting the New CRI-O Vulnerability
If you’re a CRI-O user, there’s a newly discovered vulnerability that could affect you. It’s called CVE-2022-0811 and it was discovered by CrowdStrike cloud security researchers. While it can’t be exploited by ...

Hardening Kubernetes Multi-Cluster Environments
Kubernetes has quickly become a de facto tool within enterprise software development environments, enabling DevOps engineers to scale large numbers of containers. And recent cybersecurity hardening guidelines laid out by the NSA ...

Rethinking Anomaly Detection in Cloud-Native Applications
From microservices to multi-cloud, modern application architectures have evolved significantly and created new challenges that are drowning engineers and DevOps teams in data and increasing the number of tools they are being ...

Anchore Extension Can Generate SBOMs for Container Apps
Anchore today added an extension to its software supply chain management platform for container-based applications that can automatically generate and continuously update a software bill of materials (SBOM). Kim Weins, senior vice ...