Jack Mannino, CEO at nVisium, a Falls Church, Virginia-based application security provider, notes, “This attack leveraged a common Kubernetes misconfiguration to gain persistence within the cluster. Combined with weakness in access control and isolation, this is a good way to gain a foothold into a cluster and establish command and control. As more production workloads move to cloud native, the complexity of securing clusters, software development pipelines, and cloud architectures becomes incredibly difficult, as the attack surface significantly expands.”
- REWIND: InfoSec Trends That Dominated Headlines in 2021
- Vulnerability Management: Is Declining Mental Health Cybersecurity's Greatest Threat?
- Better Together: Why You Need a Security Champions Program
- The Top 5 Lessons Learned From the Great Facebook Outage of 2021
- Report Highlights Cybersecurity Dangers of Elastic Stack Implementation Mistakes