Categories
Uncategorized

What is Dirty Pipe Vulnerability and it’s impact on Containers?

Disclosure A new Critical Linux vulnerability was disclosed to the public on 7th March by Max Kellermann. It’s tracked as CVE-2022-0847 and has a severity score of 7.8 (HIGH). This Dirty Pipe Vulnerability is similar to Dirty Cow Vulnerability, recorded as CVE-2016-5195. But, is much easier to exploit. Dirty Cow vulnerability was surfaced in October […]

Categories
Uncategorized

Why do we need continuous audits for public cloud?

Introduction to Continuous audits for public cloud Businesses have lost track of crucial control measures needed for their cloud infrastructure due to the rapid adoption of cloud computing, AWS, Azure, and Google cloud services are now more popular than ever due to the pace of innovation and customer expectations from the business. Gartner predicts that […]

Categories
How To? Knowledge Sharing

CVE-2022–0185: What is it, how to identify, and it’s impact on Kubernetes Workloads

Researchers Jamie Hill-Daniel and William Liu discovered & disclosed a vulnerability in Linux Kernel.

It’s assigned a CVE ID of CVE-2022-0185. And is rated as High Severity. This got introduced to Linux Kernel as part of version 5.1-rc1 in March 2019, almost 3 years ago.

Categories
Knowledge Sharing What Is?

As A Cloud User, Should I Be Worried About Cloud Compliance?

Cloud audit is similar to any other audit, however, its main focus is on the nuances of cloud environments. The purpose of cloud computing audits is to determine whether cloud workloads are using best practices, complying with appropriate standards, and complying with certain benchmarks when offering services. The dynamic nature of software-as-a-service (SaaS), infrastructure-as-a-service (IaaS), and platform-as-a-service (PaaS) environments in the cloud increases the importance of auditing and compliance.

Categories
Knowledge Sharing

Complete List of AWS RDS Misconfigurations

Amazon RDS manages your cloud and data backup, software patching, automatic failure detection, and recovery, which protects you and your organization from misconfigurations. Amazon Relational Database Service (Amazon RDS) is a web service that allows you to focus on your application and gives them the fast performance, high availability, security, and compatibility they need. It […]

Categories
Guides Knowledge Sharing

A Complete List of AWS IAM Misconfigurations

IAM is a feature of AWS that is presented at no extra charge. However, having AWS IAM Misconfigurations is a constant headache for organizations. A single mistake can be worth millions. Implementing IAM can help you prevent catastrophic events like data breaches and insider attacks.

Categories
Knowledge Sharing

Implementing IAM in the Google Cloud Platform (GCP)

In this article, we will take a look at Identity Access Management or IAM in GCP (the Google Cloud Platform). Take a look and get a Brief understanding.

Categories
How To?

How to Build Secure AWS S3 Bucket?

A security breach never helps a company’s reputation. Many customers leave your services which lead your company taking a huge financial hit. Read and try Us!

Categories
Knowledge Sharing What Is?

What is Multi-Factor Authentication (MFA)?

Most organizations require their employees to use multi-factor authentication (MFA) solutions these days. This is because your traditional passwords are not secure anymore. Think of this, between your sensitive data and a hacker, the first and only line of defense is your password. Over the years, hackers have become steadfast in developing better password cracking […]

Categories
How To? Guides

How Can Your Application Accomplish ISO 27001 in AWS Cloud?

In this article, we will take a look at how your application can accomplish ISO 27001 in AWS Cloud. International Organization for Standardisation, also known as ISO/IEC 27001:2013, is an international body that governs the specific set of laws and regulations to secure the information. It partners with the International Electrotechnical Commission (IEC) and works […]