Prediction lists in the security industry are mostly self-indulgent fan fiction, so we decided to create an anti-meme in response. Rather than spin tall tales about drones using lasers to fire USBs into your servers to exploit side channel vulnerabilities, here are some things that we think will actually happen in 2020 within the magical realm of Linux and cloud-native security:
1 – People will continue to migrate infrastructure away from on-prem monoliths to microservices architectures and cloud-based hosting. These environments will be occasionally misconfigured along the way, leading to potential for compromise.
2 – Specifically, an open S3 bucket will lead to a data breach again.
3 – Someone will be trapped in vim.
4 – People will discover they are compromised because of cryptominers. Few will admit that they would prefer a lower AWS bill and stolen customer data rather than having multiple RCEs used to mine Monero.
5 – You will discover something unexpected in production. It will be like a surprise party, but with infrastructure jumping out to greet you and no cake.
6 – People will create another abstraction layer over Kubernetes. We may see Kubernetes for Kuberneteses, in what we hope will be called a Kubernest.
7 – People will conflate VMs with containers. We may disagree on the degree to which they are incorrect, but we will agree that they are definitely not right.
8 – There will be more microarchitectural vulnerabilities, because hardware is hard. At least one of these vulnerabilities will have its own name, website, and PR campaign.
9 – A local, contrived Linux 0day will foment panic, which won’t matter because another 0day will be found in WordPress, which also won’t matter because your marketing department still hasn’t patched the last WP vulnerability.
10 – People will base their security roadmaps on listicles like this one.
Capsule8 is defining modern enterprise protection by providing detection and response for Linux infrastructure in any environment. Capsule8 provides host-based detection and investigatory data for incident response with on-going support. Unlike anyone else, Capsule8 mitigates the financial, scalability and reliability limitations of protecting your Linux infrastructure.