Controls

Five Easy Steps to Keep on Your Organization’s DevOps Security Checklist

F5's Lori MacVittie writes for Tripwire, Inc., sharing five easy steps you can take to help improve security without sacrificing speed.
By Lori Mac Vittie
March 27, 2019
1 min. read

The discovery of a significant container-based (runc) exploit sent shudders across the Internet. Exploitation of CVE-2019-5736 can be achieved with “minimal user interaction” it subsequently allows attackers to gain root-level code execution on the host.

Scary, to be sure. Scarier, however, is that the minimal user interaction was made easier by failure to follow a single, simple rule: lock the door. Studies have shown an increasing number of publicly accessible, containerized environments that require no credentials. That means anyone – maybe you, maybe me – could gain control and deploy the appropriate malicious container required to gain root-level access.

Read the full article published March 5, 2019 here: https://www.tripwire.com/state-of-security/devops/devops-security-checklist/ by Tripwire, Inc.

TAGS: devops CVE-2019-5736 CISO Controls Exploit security strategy
Join the Discussion
Authors & Contributors
Lori Mac Vittie (Author)
Prinicipal Technical Evangelist
About Lori Mac All Articles

More from Learning Center

What Is Zero Trust Architecture (ZTA)?
What Is Zero Trust Architecture (ZTA)?
07/05/2022 article 13 min. read
What Is Access Control?
What Is Access Control?
02/09/2022 article 15 min. read
What is Multi-Cloud and How Does It Affect Security?
What is Multi-Cloud and How Does It Affect Security?
11/03/2021 article 13 min. read