Perfect Scores in Key Categories The categories in which CrowdStrike received a 5/5 rating are: Integrated Threat Intelligence, Lifecycle Security Management, Registry Scanning & Monitoring, Flexibility, Management, Interoperability and Scalability. CrowdStrike is clearly focused on delivering the innovative and reliable cloud security solutions that customers … [Read more...] about CrowdStrike Leader in 2024 GigaOm Radar for Container Security
Container
New CrowdStrike Research Challenges Container Predictability Assumptions
General-purpose Linux utilities — often observed in living off the land post-exploitation activity — are frequently used in popular containerized applications.CrowdStrike researchers have identified significant variation in the usage patterns of general-purpose Linux utilities across these containerized applications.The findings challenge commonly accepted assumptions about the … [Read more...] about New CrowdStrike Research Challenges Container Predictability Assumptions
New Vulnerability in CRI-O Container Engine (CVE-2022-0811)
CrowdStrike cloud security researchers discovered a new vulnerability (dubbed “cr8escape” and tracked as CVE-2022-0811) in the Kubernetes container engine CRI-O. CrowdStrike disclosed the vulnerability to Kubernetes, which worked with CRI-O to issue a patch that was released today. It is recommended that CRI-O users patch immediately. CrowdStrike customers are protected from … [Read more...] about New Vulnerability in CRI-O Container Engine (CVE-2022-0811)
New Linux Kernel cgroups Vulnerability Could Let Attackers Escape Container
Details have emerged about a now-patched high-severity vulnerability in the Linux kernel that could potentially be abused to escape a container in order to execute arbitrary commands on the container host. The shortcoming resides in a Linux kernel feature called control groups, also referred to as cgroups version 1 (v1), which allows processes to be organized into hierarchical … [Read more...] about New Linux Kernel cgroups Vulnerability Could Let Attackers Escape Container
Kubernetes Container Escape Using Linux Kernel Exploit
On Jan. 18, 2022, researchers found a heap base buffer overflow flaw (CVE-2022-0185) in the Linux kernel (5.1-rc1+) function “legacy_parse_param” of filesystem context functionality, which allows an out-of-bounds write in kernel memory. Using this primitive, an unprivileged attacker can escalate its privilege to root, bypassing any Linux namespace restrictions. CVE-2022-0185 … [Read more...] about Kubernetes Container Escape Using Linux Kernel Exploit
Insights Regarding the Cisco REST API Container for IOS XE Software Authentication Bypass Vulnerability
This blog post was authored by Eugenio Iavarone, Cisco PSIRT. On August 28th, 2019, Cisco published a Security Advisory titled “Cisco REST API Container for Cisco IOS XE Software Authentication Bypass Vulnerability”, disclosing an internally found vulnerability which affects the Cisco REST API container for Cisco IOS XE. An exploit could be used to bypass authentication on … [Read more...] about Insights Regarding the Cisco REST API Container for IOS XE Software Authentication Bypass Vulnerability