Cloud security
Top Linux Cloud Threats of 2020
We tagged 2019 as The Year of the Linux Threat. That trend continued in 2020 with high profile APTs launching ELF malware,...
8 Reasons to Try Intezer Protect Community Edition
Last week we launched the community edition of Intezer Protect. With strong Linux threat detection, low overhead and no slowdown in performance, Intezer Protect is...
Cloud Workload Security: Part 3 - Explaining Azure’s Security Features
Cloud security management will always remain an ongoing journey, as threats keep evolving and organizations need to keep updating their cloud security...
Intezer Protect Community Edition Now Available
Free runtime protection for your cloud workloads. Today we go live with the Intezer Protect community edition. After a few months...
Not Another Linux Security Blog
Blogs about Linux cloud security are nothing new. However, most are filled with technical jargon that can make them difficult to understand....
Cloud Workload Security: Part 2 - Security Features of AWS
This article is the second post in our five-part series on security in the cloud today. In Part 1, we discussed what...
CVE-2020-16995: Microsoft Azure Network Watcher Linux Extension EoP
Intro: In our last blog post we disclosed an escalation of privileges vulnerability in Microsoft Azure App Services. In this post, we’ll describe...
Exploiting a Vulnerable Version of Apache Struts
Code execution is the key ingredient in any successful cyber attack. Exploiting a misconfiguration or vulnerability are some of the more common...
Migrating to the Cloud: Compliance Issues When Transitioning from a Traditional Data Center
For traditional data center operations, security and compliance requirements have always been operational overhead. Traditional data centers are under unique stresses in...
Are Containers More Secure Than VMs?
Stop and think for a moment. How many virtual machines (VMs) do you have running in your production cloud environment? How many...
Cloud Workload Security: What You Need to Know - Part 1
Cloud proliferation is on the rise, and more than ever before, security teams are on the lookout for solutions that align with...
Kud I Enter Your Server? New Vulnerabilities in Microsoft Azure
Main Findings: We discovered two vulnerabilities in Microsoft Azure. They existed in a popular cloud service called Azure App Services—specifically impacting Linux...
Looking Back on the Last Decade of Linux APT Attacks
APTs are targeting Linux systems more than they ever have. Linux Attacks are on the Rise: The research community continues to witness...
Complementing Your CSPM with Runtime Cloud Workload Protection
There are many solutions available for securing your cloud applications and workloads. Even after doing your due diligence and making an investment,...
TTPs Matrix for Linux Cloud Servers with Detection Methods
Taking inspiration from the MITRE ATT&CK® framework, we previously developed a matrix categorizing adversary tactics and techniques for Linux cloud servers. Linux...
Community Beta Announcement
Update: Intezer Protect community edition is out of Beta and now available to everyone. Today we go live with the...
Watch Your Containers: Doki Infecting Docker Servers in the Cloud
Key Findings: Ngrok Mining Botnet is an active campaign targeting exposed Docker servers in AWS, Azure, and other cloud platforms. It has...
What is Zero Trust Execution? Definition, Adoption & More
Zero Trust Execution is the industry recommended practice for securing workloads in the cloud. It provides a tight grip on your workloads...
Get Access to our Weekly Linux Threat Feed
With an emphasis placed on protecting Windows endpoints, the antivirus industry is struggling to detect Linux threats. In a 2019 study conducted by...
Best Practices for Securing a Docker Runtime Environment
The move to containerized workloads has proven to be a revolutionary step in the evolution of software engineering and distributed systems. One...
Intezer Contribution to IBM X-Force Cloud Threat Landscape Report
We dubbed 2019 the year of Linux threats, evidenced by over 20 of our researchers’ publications related to attacks on this operating...
Building a Robust App Control Strategy for your Cloud Workloads
The use of Application Control—commonly referred to as whitelisting or Zero Trust Execution—is considered to be a robust and essential Cloud Workload...
Exploitation of SaltStack Vulnerabilities Signals Increase in Cloud Server Attacks
Recently attackers exploited vulnerabilities in the popular SaltStack infrastructure automation software to infect cloud servers. Several organizations and open-source projects had to...
What is Cloud Workload Protection?
As organizations and individuals alike have transitioned to the cloud over the past 15 years, this has led to an incredible transformation...
Pre-runtime vulnerability scans or runtime protection: Which is better for your IaaS security?
Under Armour’s famous slogan sums up the mission perfectly: We Must Protect this House. As adoption of cloud services continues, security teams...