Black Hat Preview: Uncommon Sense
August 3, 2020
Detecting Exploits with Novel Hardware Performance Counters and ML Magic
The end of July usually comes with a bit more preparation involving updating your software, encrypting your devices, buying a burner phone, and so on, as the infosec community prepares to descend on the Las Vegas strip for Black Hat and Defcon. While the […]
Grubbing Secure Boot the Wrong Way: CVE-2020-10713
July 29, 2020
Today, researchers at Eclypsium disclosed a buffer overflow vulnerability in GRUB2, CVE-2020-10713, affectionately termed “Boothole.” It basically results in a total pwn of Secure Boot in systems using GRUB, which is a lot of them — all Linux distros, a bunch of Windows machines, and more. Additionally, the mitigation process is a certified hot mess, […]
Security Considerations for Cloud Migration
July 22, 2020
Many companies have long resisted migrating to the cloud for security reasons. An evolving technology landscape can already make a well-planned cloud migration strategy seem like a complex task, but what if you add in a global pandemic? An entire workforce operating remotely? Murder hornets? These unforeseen challenges (OK, maybe not the murder hornets) can […]
Black Lives Matter. Actions Speak Louder Than Words.
June 19, 2020
The most recent killings of Black people at the hands of police – Rayshard Brooks, George Floyd, Ahmaud Arbery, Breonna Taylor – are tragically only the most recent reminders of the police brutality that our country has struggled with for decades, and of the broader racial injustice and inequality that has plagued us since inception. […]
Can’t Contain Ourselves – Container Escapes
June 15, 2020
Register for “Linux & Containers: Brandon and Nick Hack Things Live.” Containers have revolutionized the way we do application development, but, as with most new technologies, their adoption in the enterprise is (rightfully) hindered by genuine security concerns. Ultimately, containers can bring huge security benefits not found in traditional infrastructure. But with new technologies come […]
High STEKs: On-path attacks in GnuTLS (CVE-2020-13777)
June 11, 2020
This month, Fiona Klute disclosed a vulnerability in GnuTLS, CVE-2020-13777. It can either enable on-path attackers for TLS 1.3, or facilitate passive decryption of traffic between servers running GnuTLS for TLS 1.2. Either way, it’s not great! Why it’s cool: Attackers could exploit this vuln to recover previously captured network traffic, like conversations (for servers […]
Maximizing Business Impact with Machine Learning
June 3, 2020
I recently had the great fortune of presenting a lunch & learn session to the Capsule8 team. In this presentation I discussed how to effectively leverage machine learning to build intelligent products as efficiently as possible. Rather than focus on a single type of audience, I included information relevant to multiple levels including executive leadership, […]
Security Delusions Part 3: Cheat Codes
May 21, 2020
Organizations are unearthing the potential of digital transformation, but security often remains a gatekeeper to this path of promised potential, largely due to its own delusions about what modern infrastructure means. As Herman Melville wrote in Moby Dick, “Ignorance is the parent of fear” – and security is too frequently hindered by its fear of […]
From Historian to Program Manager: Capsulator Cynthia Burke
May 12, 2020
Cynthia Burke is a Program Manager at Capsule8. She gets projects across the finish line, collaborating across the company with engineers, product managers, marketing, and the executive team to keep things on track and deliver value to our customers. She joined Capsule8 about a year and a half ago, with a background that includes a long […]
Security Delusions Part 2: Modern Monsters
May 6, 2020
Organizations are unearthing the potential of digital transformation, but security often remains a gatekeeper to this path of promised potential, largely due to its own delusions about what modern infrastructure means. As Herman Melville wrote in Moby Dick, “Ignorance is the parent of fear” – and security is too frequently hindered by its fear of […]
Hacking Code, Finding Bugs, and Going Back to School: Capsulator Ghost
April 29, 2020
Back when he started college, Nick Gregory raced over to NYU’s OSIRIS Lab and made some friends for the first couple of days of school. Then his classes got crazy and he didn’t hit the lab for a few weeks—he was adjusting to the workload of his freshman year and the stresses that go along […]
eBPF’s Rollercoaster of Pwn: An Overview of CVE-2020-8835
April 23, 2020
Last Friday, Manfred Paul published a blog post about the vuln he used at Pwn2Own 2020, CVE-2020-8835, a local privilege escalation bug in the Linux Kernel. It affects any Linux distros using Linux kernels 5.5.0 and newer. Why it’s cool: eBPF is the Hacker News hotness for tracing (i.e. monitoring execution of) the Linux kernel, […]
Security Delusions Part 1: A History of Cloud Compunction
April 20, 2020
Organizations are unearthing the potential of digital transformation, but security often remains a gatekeeper to this path of promised potential, largely due to its own delusions about what modern infrastructure means. As Herman Melville wrote in Moby Dick, “Ignorance is the parent of fear” – and security is too frequently hindered by its fear of […]
Goal Oriented in Soccer and for Customers: Capsulator Austin Britt
April 1, 2020
Austin Britt, director of sales engineering, has been with Capsule8 since 2018. In his time as a member of the team, he’s seen the company grow from no revenue and no customers to the thriving, but still scrappy, operation that is redefining Linux protection for the enterprise. Those early days bring a smile to Austin’s […]
Tending Bonsai and Analyzing Tons of Data: Capsulator Harini Kannan
March 17, 2020
Harini Kannan is a data scientist at Capsule8. She joined us in May of 2017 as a data science intern after graduating from the University of Texas, Arlington, and has been working with us full-time since December 2017. In the nearly three years she’s been a Capsulator, Harini has been an important part of the […]
No More Tiers: Reimagining the Structure of SecOps
March 11, 2020
Why not both? I’m not sure who thought that arbitrary hierarchical silos among a team of individual contributors was good for team morale and load-balancing, but here we are. During a recent guest appearance on the Purple Squad Security podcast, I described my last role working on a security operations team that handled incident response […]
RAMming Down Hype via Intel CSME
March 6, 2020
Recently, security researchers found new vectors of exploiting a vulnerability in Intel CSME, CVE-2019-0090, affecting all Intel chips other than Generation 10 (Ice Lake). The researchers haven’t released exploitation details yet, but proclaimed that “utter chaos will reign”… but not by exploiting this vulnerability! Instead, there’s a potential for chaos if attackers figure out how […]
What is Container Security?
February 21, 2020
Container Security – Nobody Knows What It Means But It’s Provocative
The current understanding of “container security” as a term and market is muddled, especially given containers are used by different teams in different contexts. It could mean scanning image repositories for vulnerabilities or exposed secrets, managing credentials for container deployment, or monitoring running containers […]
EDR for Linux: Detection and Response in Linux Environments
February 5, 2020
The 3 pillars every solution needs to protect critical Linux production environments
Despite the steady ascent of Linux to the top of the production stack, security has often been an afterthought. That’s right—the OS that runs 54% of public cloud applications and 68% of servers has been getting short shrift when it comes to security. […]
Kelly Shortridge - Photo credit: @montaelkins
A Cloudy Forecast for ICS: Recap of S4x20
January 30, 2020
Photo credit: @montaelkins – Kelly Shortridge Keynote at S4x20
Last week, I keynoted S4x20, the biggest industrial control systems (ICS) security conference in the world, and was able to catch quite a few talks, too. While it took place in sunny Miami Beach, my highlights from the conference suggest a far cloudier outlook. Specifically, there […]
Takeaways from Art into Science
January 22, 2020
What do you get when you take a security conference and pare back its typical formula of swag-laden vendor tables, high-concept lighting that promises to be “an experience”, bougie parties with LED-lit stemware and a surplus of decibels — not to mention all of the offsec-focused talks? You find a group of dedicated defenders who, […]