Sysdig Site Search
How to detect sudo’s CVE-2021-3156 using Falco
A recent privilege escalation heap overflow vulnerability (CVSS 7.8), CVE-2021-3156, has been found in sudo. sudo is a powerful utility...
Exploiting IAM security misconfigurations
These three IAM security misconfiguration scenarios are rather common. Discover how they can be exploited, but also, how easy it...
How to Detect SCARLETEEL with Sysdig Secure
The recent SCARLETEEL incident highlights the importance of detecting security threats early in the development cycle. With Terraform state files,...
SCARLETEEL: Operation leveraging Terraform, Kubernetes, and AWS for data theft
The Sysdig Threat Research Team recently discovered a sophisticated cloud operation in a customer environment, dubbed SCARLETEEL, that resulted in...
How to detect the containers’ escape capabilities with Falco
Attackers use container escape techniques when they manage to control a container so the impact they can cause is much...
Lambda Threat – Best Practices for Lambda Security
Our security research team will explain a real attack scenario from the black box and white box perspective on how...
What is the MITRE ATT&CK Framework for Cloud? | 10 TTPs You should know of
MITRE ATT&CK framework for cloud will help you identify the possible threats related to a cloud environment and begin securing...
OWASP Kubernetes Top 10
One of the biggest concerns when using Kubernetes is whether we are complying with the security posture and taking into...
Kubernetes security context, security policy, and network policy – Kubernetes security guide (part 2).
Once you have defined Kubernetes RBAC: users and services credentials and permissions, we can start leveraging Kubernetes orchestration capabilities to...
Comparing GuardDuty & Falco on EKS
Read about the differences between Amazon GuardDuty and Falco for Amazon EKS to better understand what each tool does, the threats detected, and the metadata available for forensic analysis.