This code worked well in our tests and was approved in the code review process. It returns True when there are two files with the right prefixes, and it returns False when there isn’t. Simple enough. That wasn’t what happened in real life, however. It would still work in the scenario where the right files are there, but it would, only sometimes, return True when just one of the files were there. And this was…
Read More
Five key pillars of zero trust A zero trust security approach across can be broken down into five distinct pillars: device trust, user trust, transport/session trust, application trust, and data trust. To efficiently coordinate the security of each pillar consider leveraging a cybersecurity platform that gives you visibility into your entire IT infrastructure, with the access to security automation tools, customizable APIs, and a broad set of third-party integrations. 1. Device trustThe number of devices…
Read More
Vulnerabilities in software and infrastructure are a fact of life for developers and SREs, but that doesn’t mean you must accept them. Given the exponential growth of vulnerabilities, DevOps teams must be aware of and learn how to mitigate these risks to ensure healthy systems and applications. This article will focus on five common vulnerabilities in no particular order of severity. We’ll examine some in-depth information on each vulnerability’s root cause and how it can…
Read More
How to Secure AWS Serverless API(s) Network Security Discover how to easily enhance security of your container-based AWS serverless API to protect against known and unknown vulnerabilities. By: Anna Lapyko March 18, 2022 Read time: ( words) Container-based serverless APIs are becoming increasingly popular as many organizations move toward cloud native applications. Serverless containers outsource the effort of managing the actual servers, making it easier to scale quickly and maintain at any scale. However, you…
Read More
Serverless technologies enable developers to concentrate on what the application does without the hassle of managing where it runs and how it scales. The cloud provider manages infrastructure, simply upload the applications, and the provider handles the rest. This article highlights the benefits of going serverless by walking through creating a serverless REST API using AWS Lambda and Node.js. Setting Up the Local Environment This tutorial requires the following dependencies: Now that the environment is…
Read More
Rule GD-001: GuardDuty enabled Conformity has rule GD-001 for enabling GuardDuty. This rule checks that GuardDuty is enabled in all regions for the security of your AWS environment and infrastructure. Because this rule is a medium-level threat, Conformity encourages compliance. The result of non-compliance is the potential occurrence and proliferation of malicious activity on your AWS account and infrastructure without your knowledge, such as Recon:EC2/PortProbeUnprotectedPort, UnauthorizedAccess:EC2/SSHBruteForce, or UnauthorizedAccess:IAMUser/MaliciousIPCaller. To remediate, simply visit GuardDuty to enable…
Read More
Source: Trend Micro Blog Not so easy, huh? Luckily, Microsoft Azure and AWS have created several white papers on the Well-Architected Framework to explain cloud architectural design principals that can help guide you through the process. For example, in the case of an Amazon S3 bucket, you need to remember to disallow public read access, ensure logging is enabled, use customer-provided keys to ensure encryption is on, and so on. With so many cloud services…
Read More
How to Detect Apache Log4j Vulnerabilities Network Security Explore how to detect Apache Log4j (Log4Shell) vulnerabilities using cloud-native security tools. By: Nitesh Surana January 27, 2022 Read time: ( words) In my previous blog, I reviewed how to detect Apache HTTP server exploitation from vulnerabilities in October. Weirdly enough, I wrote that article before the Apache Log4j (Log4Shell) news broke in December 2021. So I’m back to write about how to detect the infamous Log4j vulnerability (CVE-2021-44228) that…
Read More
Microservice Security: How to Proactively Protect Apps Serverless Security Microservices are growing in popularity—how can development teams embed seamless security into the entire pipeline? Fernando Cardoso, solutions architect at Trend Micro, breaks it down for you. By: Melanie Tafelski, Fernando Cardoso January 19, 2022 Read time: ( words) Microservices Overview As many organizations moved to serverless functions to maximize agility and performance in the cloud, microservices became the new go-to design architecture for modern web…
Read More
In the above two requests and responses, we see the attacker fingerprinting vulnerable servers by running the ‘echo’ command. We observed successful exploitation attempts which led to cryptominers raking up compute on the vulnerable hosts. CVE-2021-40438:This CVE tracks the vulnerability posed by the ‘mod_proxy’ module in Apache HTTP Server (versions before 2.4.49). In CWE-918 Server-Side Request Forgery (SSRF) attack, a malicious actor can forward the request to an origin server of their choice In this…
Read More
Introduction Cloud computing services have grown exponentially in