Orca Flags Dangerous Google Kubernetes Engine Misconfiguration

Attackers could take over a Kubernetes cluster if access privileges are granted to all authenticated users in Google Kubernetes Engine.
The post Orca Flags Dangerous Google Kubernetes Engine Misconfiguration appeared first on SecurityWeek.
Continue reading Orca Flags Dangerous Google Kubernetes Engine Misconfiguration

Vulnerabilities in Google Kubernetes Engine Could Allow Cluster Takeover

Two flaws in Google Kubernetes Engine could be exploited to escalate privileges and take over the Kubernetes cluster.
The post Vulnerabilities in Google Kubernetes Engine Could Allow Cluster Takeover appeared first on SecurityWeek.
Continue reading Vulnerabilities in Google Kubernetes Engine Could Allow Cluster Takeover

Google Cloud puts its Kubernetes Engine on autopilot

Google Cloud today announced a new operating mode for its Kubernetes Engine (GKE) that turns over the management of much of the day-to-day operations of a container cluster to Google’s own engineers and automated tools. With Autopilot, as the new mode is called, Google manages all of the Day 2 operations of managing these clusters […] Continue reading Google Cloud puts its Kubernetes Engine on autopilot

Google details its approach to cloud-native security

Over the years, Google’s various whitepapers, detailing how the company solves specific problems at scale, have regularly spawned new startup ecosystems and changed how other enterprises think about scaling their own tools. Today, the company is publishing a new security whitepaper that details how it keeps it cloud-native architecture safe. The name, BeyondProd, already indicates […] Continue reading Google details its approach to cloud-native security

GKE, AWS, & S3 Buckets – Application Security Weekly #67

    GKE improves authentication with Workload Identity, AWS reinforce reveals traffic tools and security solutions that improve support for DevOps, Brief history of Trusted Execution Environments, From the Enterprise’s Project: How to Explain Ser… Continue reading GKE, AWS, & S3 Buckets – Application Security Weekly #67

Google expands its container service with GKE Advanced

With its Kuberntes Engine (GKE), Google Cloud Google has long offered a managed service for running containers on its platform. Kubernetes users tend to have a variety of needs, but so far, Google only offered a single tier of GKE that wasn’t necessarily geared toward the high-end enterprise users the company is trying to woo. […] Continue reading Google expands its container service with GKE Advanced