Operations | Monitoring | ITSM | DevOps | Cloud

Launching Vulnerability Manager Plus: Hunt down security loopholes with 100% precision

Amp up your endpoint security game with ManageEngine’s all-new Vulnerability Manager Plus. Pinpoint, prioritize, and eliminate vulnerabilities with ease. Attackers are constantly coming up with new ways to carry out exploits, making it even harder for your organization to reduce its attack surface and keep its endpoints secure.

Browser vulnerabilities: Securing against the inevitable

Web browsers have revolutionized the way we use the internet. They’ve escalated employee productivity, but have also opened up organizations to a plethora of security loopholes. Browsers are the easiest point of entry for hackers to exploit a system because they contain vulnerable components like plug-ins and cookies.

Runc CVE-2019-5736

Today CVE-2019-5736 was announced which impacts all known versions of runc. Runc is the underlying component that creates containers in Docker, Kubernetes, and many other container systems. The full details of this vulnerability are available in the Openwall oss-security mailing. Due to the severity of this issue, exploits will not be published for another week, giving people time to patch.

Adding CVE scanning to a CI/CD pipeline

A Docker image contains an application and all its dependencies. As it also contains the numerous binaries and libraries of an OS, it’s important to make sure no vulnerabilities exist in its root filesystem, or at least no critical or major ones. Scanning an image within a CI/CD pipeline can ensure this additional level of security.

Understanding the Impact of the Kubernetes Security Flaw and Why DevSecOps is the Answer

It finally happened. At the start of DockerCon Europe and a week before KubeCon was set to take place in the U.S., researchers discovered the first major vulnerability within Kubernetes, the popular cloud container orchestration system.