Posts by

An Introduction to Container Escapes
October 8, 2020
“‘ESS-ca-pay’… that’s funny, it’s spelled just like the word ‘escape’!” - A famous fish with ephemeral memory. Containers are more popular than well-understood. Container escapes are even less understood. This post is intended to solve the latter issue and demystify the heretofore arcane art of container escapology, even for people who feel confused by containers or uneducated […]
Top 3 Security Problems Caused by Rogue Developers
September 17, 2020
The Road to Fail is Paved with Good Intentions: Security vulnerabilities are often a top concern for security teams. But when it comes to defending production systems, it’s not about bugs. There are a number of seemingly innocent developer behaviors that can wreak as much, if not more, havoc — or even worse, take an […]
Security Considerations for Cloud Migration
July 22, 2020
Many companies have long resisted migrating to the cloud for security reasons. An evolving technology landscape can already make a well-planned cloud migration strategy seem like a complex task, but what if you add in a global pandemic? An entire workforce operating remotely? Murder hornets? These unforeseen challenges (OK, maybe not the murder hornets) can […]
Maximizing Business Impact with Machine Learning
June 3, 2020
I recently had the great fortune of presenting a lunch & learn session to the Capsule8 team. In this presentation I discussed how to effectively leverage machine learning to build intelligent products as efficiently as possible. Rather than focus on a single type of audience, I included information relevant to multiple levels including executive leadership, […]
Security Delusions Part 3: Cheat Codes
May 21, 2020
Organizations are unearthing the potential of digital transformation, but security often remains a gatekeeper to this path of promised potential, largely due to its own delusions about what modern infrastructure means. As Herman Melville wrote in Moby Dick, “Ignorance is the parent of fear” – and security is too frequently hindered by its fear of […]
Security Delusions Part 2: Modern Monsters
May 6, 2020
Organizations are unearthing the potential of digital transformation, but security often remains a gatekeeper to this path of promised potential, largely due to its own delusions about what modern infrastructure means. As Herman Melville wrote in Moby Dick, “Ignorance is the parent of fear” – and security is too frequently hindered by its fear of […]
Security Delusions Part 1: A History of Cloud Compunction
April 20, 2020
Organizations are unearthing the potential of digital transformation, but security often remains a gatekeeper to this path of promised potential, largely due to its own delusions about what modern infrastructure means. As Herman Melville wrote in Moby Dick, “Ignorance is the parent of fear” – and security is too frequently hindered by its fear of […]
No More Tiers: Reimagining the Structure of SecOps
March 11, 2020
Why not both? I’m not sure who thought that arbitrary hierarchical silos among a team of individual contributors was good for team morale and load-balancing, but here we are. During a recent guest appearance on the Purple Squad Security podcast, I described my last role working on a security operations team that handled incident response […]
What is Container Security?
February 21, 2020
Container Security – Nobody Knows What It Means But It’s Provocative: The current understanding of “container security” as a term and market is muddled, especially given containers are used by different teams in different contexts. It could mean scanning image repositories for vulnerabilities or exposed secrets, managing credentials for container deployment, or monitoring running containers […]
EDR for Linux: Detection and Response in Linux Environments
February 5, 2020
The 3 pillars every solution needs to protect critical Linux production environments: Despite the steady ascent of Linux to the top of the production stack, security has often been an afterthought. That’s right—the OS that runs 54% of public cloud applications and 68% of servers has been getting short shrift when it comes to security. […]
Security Challenges for Containers in Runtime
December 14, 2018
Protecting containers in runtime is a critical element in securing containerized applications. There are a number of threats that occur in real time when containers are running in production, so a container security strategy must go beyond just eliminating vulnerabilities during the build phase. Containers in runtime and working applications can hold the crown jewels of […]
3 Tips for Scaling Container Security
November 20, 2018
Container adoption continues to grow as enterprises large and small look to increase the efficiency of their software delivery with hybrid production environments. According to recent research we sponsored with ESG, more than half (56%) of those surveyed have already deployed containerized production applications, and 80% indicated they would have them in production in the […]