alcide

Alcide Blog

Cloud-native Security Provider

Capturing 2020 - an Eventful Year With Alcide

Dec 21, 2020 12:27:59 PM / by Amir Ofek posted in devsecops, cloud security, kubernetes, devops, network security, Kubernetes security, secops

0 Comments


A year ago, when we planned our strategy and had our predictions for 2020, we most definitely could not predict how erratic 2020 would turn out to be. We too had to adjust and provide support for our employees’ and clients’ new needs. However, 2020 turned out to be a tipping point year for the Kubernetes community with a massive K8s adoption across the globe. Many companies made a huge shift to the cloud and in order to do it the most cost effective and efficient way they turned to Kubernetes. As a result we faced a growing need for Kubernetes Security and therefore 2020 has become the best year yet for Alcide.

Read More

Kubernetes Security Is Not Container Security

Nov 9, 2020 8:50:07 AM / by Natan Yellin posted in kubernetes, network security, Kubernetes security, container networking

0 Comments

 

Read More

Kubernetes Namespaces Simplified With Alcide Runtime

Oct 20, 2020 11:11:46 AM / by Alon Berger posted in network security, Runtime, namespaces

0 Comments

Working with Kubernetes namespaces enables you to manage users spread across multiple teams and projects. Namespaces are essentially virtual clusters backed by the same physical single cluster. As Kubernetes clusters help in managing workloads and deployed objects, these numbers increase and can become unmanageable over time.

Read More

Insecure by Default - Kubernetes Networking

Sep 17, 2020 12:52:33 PM / by Natan Yellin posted in kubernetes, network security, Kubernetes security

0 Comments

Traditional network security includes protection against layer2 and layer3 spoofing attacks. Many security teams don’t realize it, but these threats are still relevant when running applications on a Kubernetes cluster in the cloud. You might be using a complex container network, but that doesn’t mean that simple spoofing attacks between pods aren’t possible. This matters because it dramatically increases the blast radius of compromised pods.

Read More

Kubernetes Security for AWS Bottlerocket Applications

Sep 8, 2020 6:23:55 AM / by Alon Berger posted in AWS, devsecops, cloud security, kubernetes, devops, network security, Kubernetes security, bottlerocket, linux

0 Comments

Read More

Whitelisting Processes on Kubernetes Pods Using AppArmor (Part 1)

Aug 12, 2020 7:01:37 AM / by Natan Yellin posted in devsecops, cloud security, network security, Kubernetes security

1 Comment

 

Read More

Three Ways to Simplify and Secure your Infrastructure using Kubernetes Namespaces

Jul 24, 2020 5:59:56 AM / by Natan Yellin posted in kubernetes, Micro segmentation, microservices, network security, Kubernetes security, namespaces

1 Comment

Kubernetes namespaces - they’re an essential feature for building modern cloud architectures. Namespaces let you split up a single cluster into multiple “virtual clusters”. Resources like pods, replicasets, and deployments all live in namespaces. You can think of a namespace as being a resource’s last name - it specifies which family the resource is part of - and normal resources can have one and only one namespace (There are exceptions like the Node resource which is cluster-wide and doesn’t belong to any namespace). If you don’t think you’re using namespaces on your cluster then you’re wrong. You’re actually just putting everything into the default namespace.

Read More

New Kubernetes Node Storage-based DoS Vulnerability [CVE-2020-8557]

Jul 16, 2020 10:44:47 AM / by Gadi Naor posted in devsecops, kubernetes, devops, network security, Kubernetes security, Advisor, CVE, vulnerability

0 Comments

 

Vulnerability Description and Impact

Read More

Ensuring In-flight Kubernetes Security

Jul 15, 2020 5:02:35 AM / by Alon Berger posted in network security, Kubernetes security, kaudit

0 Comments

 

Automate Kubernetes Analytics and Forensics with Alcide kAudit

 

Read More

Mitigate Attack Vectors with Alcide Kubernetes Security Platform

May 27, 2020 8:07:50 AM / by Rachel Cheyfitz posted in cloud security, security services, kubernetes, devops, alcide advisor, network security, Kubernetes security, Advisor, Runtime, SaaS

0 Comments

Last month, the Microsoft Azure Security Center published a fully detailed Threat Matrix for Kubernetes. This article identifies attack vectors unique to a Kubernetes environment. This important contribution is derived from the more generalized MITRE ATT&CK® framework that offers a complex matrix of common attack vectors.

Read More

Subscribe to Email Updates