Kubernetes, also known as K8s, is a very complex open-source platform that requires detailed attention to security. Despite previous efforts to increase its security, Kubernetes remains insecure by default and requires different security tools to protect the cluster.
In this entry, we continue delving into an investigation of exposed registries and look at the types of files and information that malicious actors can access and compromise from these.
In this entry, we will discuss publicly exposed registries, which are repositories or databases containing information accessible to the public without the need for authentication.
We examine Azure’s Managed Identities service and its security capability in a threat model as developers’ go-to feature for managing secrets and credentials.
After looking at offerings by cloud service providers (CSPs), we examined the possibilities of using a more secure serverless environment by running a custom container.
Using Trend Micro Cloud One™ – Conformity data, we looked at the top 10 Amazon Web Services (AWS) and Microsoft Azure services with the highest misconfiguration rates with regard to the implementation of Cloud Conformity rules.
Our new report maps the vulnerable cracks in cloud native application security, and shows how this is a growing concern that enterprises should devote time and resources to secure.