4 Reasons Open Source Matters for Cloud Security
When we depend on an open commons as our computing foundation, we need it to be secure, and the most effective way to do that is through open solutions.
When we depend on an open commons as our computing foundation, we need it to be secure, and the most effective way to do that is through open solutions.
Linux operating systems power more than 90% of the world’s public cloud workload, from government web servers to smart manufacturing technologies. But as organizations continue to shift operations to the cloud, cybercriminals are following suit and directing their attention to Linux-based cyberattacks.
Amazon Web Services (AWS) users get access to the popular Linux distro via virtual desktop.
Ransomware in particular poses a major threat, but security vendors say there has been an increase in Linux-targeted cryptojacking, malware, and vulnerability exploits as well, and defenders need to be ready.
Understand the security benefits and risks associated with Linux containers.
Containers are considered to be a standard way of deploying these microservices to the cloud. Containers are better than virtual machines in almost all ways except security, which may be the main barrier to their widespread adoption.
Security leaders are still dealing with the impact of Log4Shell, and cloud security leaders are changing the way they secure cloud workloads in the aftermath of Log4Shell. New Valtix research reveals that 95% of cybersecurity leaders say Log4Shell was a wake-up call for cloud security, changing it permanently, and that 87% feel less confident about their cloud security now than they did before the incident.
Kubernetes has quickly become a de facto tool within enterprise software development environments, enabling DevOps engineers to scale large numbers of containers. And recent cybersecurity hardening guidelines laid out by the NSA and CISA indicate that adoption of Kubernetes has reached critical mass. But this surge in adoption also can introduce many new vulnerabilities and misconfigurations which, if left unchecked, could put many organizations at risk.
The NSA - the maker of the original secure Linux (SELinux) - has written guidelines on how to secure video conferencing, text chatting, and collaboration tools; and now explains how to harden Kubernetes against attackers.
Ransomware, cryptojacking, and a cracked version of the penetration-testing tool Cobalt Strike have increasingly targeted Linux in multicloud infrastructure, report states.
Hackers could exploit a Linux kernel bug to escape Kubernetes containers and access critical resources; however, the threat is minimized as any attacker needs to have the specific Linux capability CAP_SYS_ADMIN.
Infrastructure security is important to get right so that attacks can be prevented—or, in the case of a successful attack, damage can be minimized. It is especially important in a Kubernetes environment because, by default, a large number of Kubernetes configurations are not secure. Learn how to secure Kubernetes at the infrastructure level.
While it’s come a long way over the past year, Kubernetes security has not yet reached maturity. But judging from the level of investment in 2021 into technologies for securing Kubernetes — the now-dominant container orchestration platform — enterprises can expect major advancements in the area during the coming year.
Learn about nine great Docker alternatives for container management to consider using in your next project.
Linux and FreeBSD variants of the Hive ransomware have recently been discovered, demonstrating how threat actors are increasingly targeting other OSes besides Windows, and are looking to attack cloud apps.
Vulnerabilities in the life cycle of open-source software development can start from tiny crumbs but grow into substantial issues. This week’s KubeCon + CloudNativeCon North America in-person and virtual conference put security for open-source development back in the spotlight while also talking up cloud native’s rapid rise. Here are the highlights you should know about.
Linux is growing in popularity due to the impressive security, stability and flexibility of the OS, making it an increasingly attractive attack target. Learn about the top cloud security threats to your Linux system.
NSA/CISA Kubernetes hardening guidance offers a solid foundation for securing Kubernetes environments. Here are the key components and why they're important.
Container technology adoption has experienced a rapid upward surge over the past few years. But now that it has gained a serious foothold in the enterprise, questions are beginning to arise about container security. Perhaps the fundamental question is, just how secure are containers?
Hardening guidance from the NSA and CISA seeks to educate IT administrators about cloud security risks and best practices for implementing and maintaining Kubernetes.
Sign up to get the latest security news affecting Linux and
open source delivered straight to your inbox
Powered By
Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.