2 Min Read April 10, 2019

Go Behind the Scenes of a Docker Cryptojacking Attack

When Threat Stack security analyst Ethan Hansen saw an alert in a customer’s environment that read /temp [RANDOM] cnrig, he knew his afternoon was about to get interesting. As part of his role in the Threat Stack Cloud SecOps Program℠, Ethan regularly monitors customer environments and proactively investigates alerts like this on the customer’s behalf. […]

6 Min Read March 14, 2019

How to Achieve Full Stack, Multi-Cloud Security Observability

You probably know AWS as the leading cloud platform provider. These days, however, many companies are using additional cloud providers as well. According to Gartner’s October 2018 report “Market Insight: Multicloud Becomes Essential for Cloud IaaS Offerings,” 49% of organizations were approaching their cloud computing IaaS strategy through multi-cloud adoption in 2017, and that is […]

2 Min Read February 13, 2019

How to Defend Against the runC Container Vulnerability

Earlier this week security researchers Adam Iwaniuk and Borys Poplawski published details on a vulnerability in runC, the underlying container runtime for Docker, Kubernetes, cri-o, containerd, and other container-dependent programs. The vulnerability, CVE-2019-5736 allows malicious containers to overwrite the host runC binary and gain root-level code execution on the host. This would give attackers the ability to […]

5 Min Read December 14, 2018

What is Cloud Workload Security?

A cloud workload is a distinct capacity or work function that we put on a cloud instance. It can be a Hadoop node, a Web server, a database, or a container, among other things. Broadly speaking, therefore, cloud workload security is any means of protecting these workloads. There is a common misconception that securing your […]

3 Min Read October 18, 2018

How to Cope With the Security Talent Shortage in SecOps

Security budgets are rising, but are they helping with challenges caused by the security talent shortage? This post offers insights from our recent security budgeting survey and shares ideas on how to deal with the security talent shortage in SecOps.

17 Min Read June 1, 2018

50 Essential Cloud Security Blogs for IT Professionals and Cloud Enthusiasts

With revenue from the cloud computing sector expected to hit $411 billion by 2020, it’s no wonder that more and more companies are shifting their services to the cloud where flexibility and speed make it attractive for organizations looking to leverage a strong competitive edge. But operating in the cloud also gives rise to a […]