Introduction A significant error with the Nginx-LDAP-auth software package was recently disclosed publicly, allowing attackers to avoid authenticity and disclose important information to the affected servers. This risk is still under investigation, so this blog post...

Introduction AccuKnox is thrilled to announce the availability of its runtime observability tool - AccuKnox Insights. This provides observation of workloads (k8s pods, processes in VMs) at runtime. This delivers deep visibility into the workloads and their behavior...

KubeArmor now adds support for host policies i.e policies that can directly run on Virtual Machines and Baremetal systems using AppArmor and SELinux. A host policy is a policy that is applicable to a given host (identified by a label) and can be enforced on the host...

KubeArmor now supports SELinux based enforcement for host policies, This allows enforcement on virtual machines or bare metal instances with Red Hat Enterprise Linux and CentOS. Security-Enhanced Linux (SELinux) is a mandatory access control (MAC) security mechanism...

Introduction The rise in popularity of JavaScript has resulted in many changes, and the face of web development today is very different. In this article, we will be learning how to protect NodeJS applications at runtime using Accuknox’s open-source tooling. Accuknox...

Default Security Posture One of the tenets of achieving Zero Trust stature requires one to set the workloads in "least-permissive mode". Setting up least-permissive mode can be fraught with challenges and it is important that the tooling supports gradual upgrade to...

Introduction The Linux security module (LSM) framework, which allows for security extensions to be plugged into the kernel, has been used to implement MAC on Linux. LSM hooks in Linux Kernel mediates access to internal kernel objects such as inodes, tasks, files,...

Introduction WordPress is the most popular and easiest way to create your website or blog. WordPress is likely to power more than one-fourth of the websites you visit. WordPress is an open-source content management system released under the GPLv2 license, which means...

NSA and CISA recently published the Kubernetes hardening guide which contains valueble suggestions to harden a Kubernetes Cluster. The file has been directly embedded for ease of reading. Alternatively, users can download the file directly from this link: