All Blogs
An Introduction to Container Escapes
“‘ESS-ca-pay’… that’s funny, it’s spelled just like the word ‘escape’!”-A famous fish with ephemeral memory Containers are more popular than well-understood. Container escapes are even less understood. This post is intended to solve the latter issue and demystify the heretofore arcane art of container escapology, even for people who feel confused by containers or uneducated […]
aka AK: Capsulator Adrian Kwak
According to Capsule8 Product Manager and Console Designer Adrian Kwak (aka AK), a common misperception of her role is that she “makes websites pretty.” Since joining the team a year ago, AK has been a huge part of our product team and while we at Capsule8 know her contributions far exceed that simple definition, it […]
Q&A: Secure Cloud Migration During a Crisis
Back in July, Capsule8’s Chief Product Officer, Rob Harrison, chatted with guest speaker Andras Cser, vice president and principal analyst at Forrester Research, about how security considerations for a cloud migration have changed over the past few months and how future trends change risk when adopting accelerating strategies. The evolving technology landscape can already make […]
Top 3 Security Problems Caused by Rogue Developers
The Road to Fail is Paved with Good Intentions Security vulnerabilities are often a top concern for security teams. But when it comes to defending production systems, it’s not about bugs. There are a number of seemingly innocent developer behaviors that can wreak as much, if not more, havoc — or even worse, take an […]
HR-You Ready?: Capsulator King Krompicha
One of the first people you’ll meet when you apply for a job at Capsule8 is our wonderful Director of Human Resources, King Krompicha. King joined our team one year ago after leading the tech recruiting efforts at Harry’s, a direct-to-consumer goods company, and has made a huge impact on not only human resources, but […]
Capsule8 named CB Insights Cyber Defender for 2020
The folks at CB Insight recently released a new report, “Cyber Defenders 2020” where they highlight what they consider emerging cybersecurity trends for 2020 and recognize the startups they believe will shape the space in the coming year. The report discusses vendors in a number of categories, including Anomalous Behavior Detection, Third-Party Risk Management, and […]
SOC 2 Compliance Playbook for Cloud Native
Part 2: SOC 2 Type 1 MVP Playbook Click here to read Part 1: From Monster to Mascot Of the SOC 2 principles (criteria) of security, availability, process integrity, confidentiality, and privacy, you can choose which principles to include in your SOC 2 audit but security must be included in any MVP SOC 2 audit. […]
Compliance in a Cloud Native World
Part 1: From Monster to Mascot How did a fairly straightforward endeavor – an IT audit – become that monster under the bed? Compliance projects all too often feel a massive box checking exercise. You may be pulling staff and co-workers into a vast abyss, mapping arcane compliance controls, deciphering audit speak, all to hopefully […]
Black Hat Preview: Uncommon Sense
Detecting Exploits with Novel Hardware Performance Counters and ML Magic The end of July usually comes with a bit more preparation involving updating your software, encrypting your devices, buying a burner phone, and so on, as the infosec community prepares to descend down onto the Las Vegas strip for Black Hat and Defcon. While the […]
Grubbing Secure Boot the Wrong Way: CVE-2020-10713
Today, researchers at Eclypsium disclosed a buffer overflow vulnerability in GRUB2, CVE-2020-10713, affectionately termed “Boothole.” It basically results in a total pwn of Secure Boot in systems using GRUB, which is a lot of them — all Linux distros, a bunch of Windows machines, and more. Additionally, the mitigation process is a certified hot mess, […]
Security Considerations for Cloud Migration
Many companies have long resisted migrating to the cloud for security reasons. An evolving technology landscape can already make a well-planned cloud migration strategy seem like a complex task, but what if you add in a global pandemic? An entire workforce operating remotely? Murder hornets? These unforeseen challenges (OK, maybe not the murder hornets) can […]
Black Lives Matter. Actions Speak Louder Than Words.
The most recent killings of Black people at the hands of police – Rayshard Brooks, George Floyd, Ahmaud Arbery, Breonna Taylor – are tragically only the most recent reminders of the police brutality that our country has struggled with for decades, and of the broader racial injustice and inequality that has plagued us since inception. […]
Can’t Contain Ourselves – Container Escapes
Register for “Linux & Containers: Brandon and Nick Hack Things Live.” Containers have revolutionized the way we do application development, but, as with most new technologies, their adoption in the enterprise is (rightfully) hindered by genuine security concerns. Ultimately, containers can bring huge security benefits not found in traditional infrastructure. But with new technologies come […]
High STEKs: On-path attacks in GnuTLS (CVE-2020-13777)
This month, Fiona Klute disclosed a vulnerability in GnuTLS, CVE-2020-13777. It can either enable on-path attackers for TLS 1.3, or facilitate passive decryption of traffic between servers running GnuTLS for TLS 1.2. Either way, it’s not great! Why it’s cool: Attackers could exploit this vuln to recover previously captured network traffic, like conversations (for servers […]
Maximizing Business Impact with Machine Learning
I recently had the great fortune of presenting a lunch & learn session to the Capsule8 team. In this presentation I discussed how to effectively leverage machine learning to build intelligent products as efficiently as possible. Rather than focus on a single type of audience, I included information relevant to multiple levels including executive leadership, […]
Security Delusions Part 3: Cheat Codes
Organizations are unearthing the potential of digital transformation, but security often remains a gatekeeper to this path of promised potential, largely due to its own delusions about what modern infrastructure means. As Herman Melville wrote in Moby Dick, “Ignorance is the parent of fear” – and security is too frequently hindered by its fear of […]
From Historian to Program Manager: Capsulator Cynthia Burke
Cynthia Burke is a Program Manager at Capsule8. She gets projects across the finish line-collaborating across the company with engineers, product managers, marketing, and the executive team to keep things on track and deliver value to our customers. She joined Capsule8 about a year and a half ago, with a background that includes a long […]
Security Delusions Part 2: Modern Monsters
Organizations are unearthing the potential of digital transformation, but security often remains a gatekeeper to this path of promised potential, largely due to its own delusions about what modern infrastructure means. As Herman Melville wrote in Moby Dick, “Ignorance is the parent of fear” – and security is too frequently hindered by its fear of […]
Hacking Code, Finding Bugs, and Going Back to School: Capsulator Ghost
Back when he started college, Nick Gregory raced over to NYU’s OSIRIS Lab and made some friends for the first couple of days of school. Then his classes got crazy and he didn’t hit the lab for a few weeks—he was adjusting to the workload of his freshman year and the stresses that go along […]
eBPF’s Rollercoaster of Pwn: An Overview of CVE-2020-8835
Last Friday, Manfred Paul published a blog post about the vuln he used at Pwn2Own 2020, CVE-2020-8835, a local privilege escalation bug in the Linux Kernel. It affects any Linux distros using Linux kernels 5.5.0 and newer. Why it’s cool: eBPF is the Hacker News hotness for tracing (i.e. monitoring execution of) the Linux kernel, […]
Security Delusions Part 1: A History of Cloud Compunction
Organizations are unearthing the potential of digital transformation, but security often remains a gatekeeper to this path of promised potential, largely due to its own delusions about what modern infrastructure means. As Herman Melville wrote in Moby Dick, “Ignorance is the parent of fear” – and security is too frequently hindered by its fear of […]