Infrastructure Security: Doing More with Serverless
Privacy, Data Security & Compliance with Cynthia Burke
In most IT shops, privacy, data security and compliance often resided under the same umbrella of ownership. While all 50 States in the US have data breach notification laws, we are seeing a shift in focus on data privacy globally. Privacy and data security compliance are often used interchangeably but this misuse in terminology (and […]
Webinar: Preparing Linux Hosts for Unexpected Threats
Webinar: Preparing Linux Hosts for Unexpected Threats Thursday, Mar 18, 2021 | 12:00 PM ET Watch On-Demand Overview: Linux has been hugely successful in the enterprise over the past few decades, partially due to the flexibility and extensibility of the operating system. This has lead to upsides and downsides. One upside: powerful instrumentation that can […]
Targeting, Exploiting, & Defending Linux
As Linux workloads continue to rise, attacks on Linux continue to increase. During this podcast our Chief Scientist and Co-Founder, Brandon Edwards teams up with Security Weekly to answer: Why is targeting it different on Linux? What types of attacks are used? How can we defend against attacks on Linux? In addition to answering these […]
Linux Tracing – Do You Know What Your Servers Are Actually Doing?
There’s a whole world of system tracing, instrumentation, and profiling built into nearly every Linux system that goes untouched by most. While originally developed to help with debugging and performance tuning, the same tools can be used to provide security insights that are difficult or almost impossible to get any other way. This talk will […]
Building Operational Security in the Cloud: The Case for Partnership Between Infosec and Cloud Engineers
Following our successful webcast with 451 Research, Divided We Fail: How Security Teams Can Better Engage with DevOps, Fernando Montenegro answers questions in the video below, furthering the case for partnerships between Infosec and Cloud Engineers.
Coffee and Capsule8: Tales from the Cryptomining
If you’re curious about cryptomining and are interested in learning what it is, how folks are doing it, and how it could be impacting your organization (like that unexpected AWS bill!), join our live webcast series.
Exit Stage Left: Replacing Theater with Chaos
Recorded at Cloud Native Security Day 2020 Capsule8’s VP of Product Management and Product Strategy, Kelly Shortridge explores how security theater leads to increased organizational friction, especially in the realm of software delivery, rather than promoting safety. She’ll contrast these dramatics with a security chaos engineering approach – one which embraces the importance of convenience, […]
Divided We Fail: How Security Teams Can Better Engage with DevOps
Join Fernando Montenegro and Kelly Shortridge as they get to the heart of the relationship between security and DevOps and share tips for CISOs to help improve their engagement.
Ramping up with FedRAMP
Cynthia Burke, Capsule8 Program Manager, will give a high level overview of the Federal Risk and Authorization Management Program (FedRAMP) landscape and will discuss some of the challenges of and best practices for FedRAMP compliance using specific case study examples to help guide you and your team up the compliance hill with FedRAMP.
The ABCs of PMCs for Attack Detection
Deciphering SOC 2 Compliance in Cloud-Native Environments
Security Considerations for Cloud Migration During a Crisis
An evolving technology landscape can already make a well planned cloud migration strategy seem like a complex task, but as we’ve learned in the past few months, there are often additional challenges thrown into the works.
Linux and Containers: Brandon and Nick Hack Things Live
Join Capsule8 researchers Brandon Edwards (@drraid) and Nick Freeman (@0x7674) as they perform live hacking walk throughs of common container escape patterns and what signals they leave behind.
Between 2 Kernels: Joel Fulton – E06
Things get a bit macabre in our latest episode of B2K featuring reformed CISO Joel Fulton. The two talk about the problem with products, how being a CISO is like living in a survival horror role playing game, and how a golf course is a metaphor for pursuing security. https://www.youtube.com/watch?v=fiE7pbDaC2I&feature=emb_title Video Transcript Kelly Shortridge: Welcome […]
Rant: Security Teams Are Friends Not FUD
Security professionals expect their non-security colleagues to trust them and heed their advice. Yet their everyday practices often undermine any sense of trust and, well, security. From running phishing drills that cross the line from realistic to traumatic, to rolling out tools that break business-critical workflows (and uptime), it can be tough for security teams […]
Between 2 Kernels: Sounil Yu – E05
Sounil Yu lays out his framework for thinking about all variety of subjects on the latest episode of Between 2 Kernels with Kelly Shortridge. The two cover his sentiments on useless security products, AI-enabled quantum trust, and giving 3 year olds automatic weapons. https://www.youtube.com/watch?v=qJat6tWdWHs&feature=emb_title Video Transcript Kelly Shortridge: Welcome to Between Two Kernels. I am […]
Container Escape Demo
Watch a video demo of Capsule8 Protect in action detecting a container escape exploit. https://www.youtube.com/watch?v=Cit7icD4W2o
Between 2 Kernels: Ian Coldwater – E04
Video Transcript Kelly Shortridge: Welcome to another edition of Between Two Kernels. Today’s guest is Ian Coldwater, who has that one secret trick that means that containers hate them. Welcome, Ian. Ian Coldwater: Thank you. Kelly Shortridge: You’re welcome. Ian Coldwater: Really appreciate being here. Kelly Shortridge: So there’s a really big debate that happens […]
A Compendium of Container Escapes – Black Hat 2019
Learn the how and why container escapes work, starting from a brief intro to what makes a process a container, and then spanning the gamut of escape techniques, covering exposed orchestrators, access to the Docker socket, exposed mount points, /proc, all the way down to overwriting/exploiting the kernel structures to leave the confines of the […]
Capsule8 Investigations Quick Start with AWS Athena