Linux Server Monitoring: a Brief Guide

Different Approaches to Linux Host and Process Monitoring: In case you hadn’t heard, Linux is a big deal. Linux servers are used in the vast majority of production systems, the …

Between Two Kernels: Halvar Flake – E03

In Episode 3 Kelly chats with Halvar Flake, former Project Zero team member at Google and Co-Founder of optimyze. The two get philosophical about vendor tag lines, characterize his new …

Between Two Kernels: Allan Alford – E02

In Episode 2 of Between Two Kernels Kelly chats with CISO Allan Alford about being the most hated man in his organization, the three biggest mistakes of his life, and …

Between Two Kernels: Art Coviello

We’re excited to kick off a new video series with our VP of Product Strategy, Kelly Shortridge, titled “Between Two Kernels.” Kelly aims to conduct short, potentially awkward interviews with …

You Think That’s Air You’re Breathing?

What seemed lost in this (runc) hype is that the ability to escape containers is not confined to a one-off vulnerability in container management programs or orchestrators.

Kernel Configuration Glossary

In our post “Millions of Binaries Later: a Look Into Linux Hardening in the Wild”, we examined the security properties of different distributions. In the following, we provide a glossary …

Millions of Binaries Later: a Look Into Linux Hardening in the Wild

TL;DR: In this post, we explore the adoption of Linux hardening schemes across five popular distributions by examining their out-of-the-box properties. For each distribution, we analyzed its default kernel configuration, …

UAFs in Linux Kernel Modules: CVE-2019-8912 & CVE-2019-8956

A researcher using syzkaller found a locally-exploitable bug in Linux’s crypto API, CVE-2019-8912, which allows for a use-after-free in sockfs_setattr. It’s received sudden buzz, probably because a bug in the …

Nested Guests: CVE-2019-7221

Earlier this month, twin KVM bugs found by Google’s Project Zero team were released publicly: CVE-2019-7221, a use-after-free vulnerability, and CVE-2019-7222, a memory leak that can assist exploitation of the …