Practical Technology

for practical people.

February 15, 2022
by sjvn01
0 comments

Tigera Tightens Cloud Native Container Security

Tigera claims you can catnap about your container security with its new cloud-native application protection platform (CNAPP) for its Calico Cloud. If the name sounds familiar, there’s a reason. Gartner defined CNAPP as an emerging category of security programs. Its point is to secure cloud-native applications from development to production. Tigera is far from the only company working on this approach. What Tigera brings to this clowder of napping cats is zero trust.

Tigera Tightens Cloud Native Container Security. More>

February 15, 2022
by sjvn01
0 comments

Who did I just hire!?

These days it’s not uncommon to interview someone over Zoom and never actually meet them in person. A friend recently told me they hired a great candidate for their Kubernetes senior engineer position. This was a big deal. Kubernetes-savvy people are rarer than hen’s teeth. The person they hired showed he had the technical chops they needed and made it through three rounds of interviews with flying colors.

They offered him the position. He accepted, went through onboarding, showed up at his first real virtual meeting—and it wasn’t the same guy.

He literally wasn’t the person they’d interviewed. He didn’t look the same, didn’t talk the same, and most important of all, he didn’t have the job skills they needed. My buddy told me, “It was clear after five minutes that he may have taken some Kubernetes classes, but he’d never really worked with it.”

Words fail me. I’m used to people lying about their skills, exaggerating their experience, or padding their résumés. We all are. But this? This takes it to a new level.

Who did I just hire!? More>

February 11, 2022
by sjvn01
0 comments

VMware Finds Linux Malware on the Rise

Linux is largely secure. Sure, it has security problems like any other operating system, but they tend to get fixed quickly and completely. Unfortunately, if you don’t install Linux correctly on your servers or clouds, while you may not be as vulnerable if you were running Windows XP, you’re still in danger. VMware Threat Analysis Unit (TAU) explores these threats in detail in its new report, Exposing Malware in Linux-based Multi-Cloud Environments.

Let’s start with what we all know. Linux is the top cloud operating system. Linux also powers over 78% of the most popular websites. Hackers aren’t stupid. They know that they can make more bucks from targeting clouds wholesale than going after Windows PCs retail. So, they’re increasingly targeting vulnerable Linux-based systems.

VMware Finds Linux Malware on the Rise. More>

February 11, 2022
by sjvn01
0 comments

CNCF reports record Kubernetes and container adoption

A few years ago when Docker was new, we thought containers would finally be a big deal, but we weren’t sure. Fast forward to 2022, and there’s no longer any question about it. Docker sparked a container revolution that has transformed computing. Gartner predicts that 70% of organizations will run containerized applications by 2023. They’re not wrong. As the recent Cloud-Native Computing Foundation (CNCF) survey has shown, in the 2021 Cloud-Native Survey that Kubernetes, the dominant container orchestration program has reached its highest level ever, with 96% of organizations using or evaluating the technology.

Not bad for a technology that hasn’t seen its eighth birthday yet.

CNCF reports record Kubernetes and container adoption. More>

 

February 10, 2022
by sjvn01
0 comments

Security Trouble in Argo Continuous Delivery Program

Maybe someday there will a day when we don’t have a serious security problem to worry over, but that day is not today. In our latest headache, the cloud-native security company Apiiro’s Security Research team uncovered a nasty software supply chain zero-day vulnerabilityCVE-2022-24348, in Argo CD, the popular open-source GitOps Continuous Delivery (CD) platform.

The problem is an oldie, but nasty path traversal bug. When abused, it enables arbitrary values files to be consumed by Helm charts. Adding insult to injury, an attacker can craft malicious Helm chart packages, which contain value files that are actually symbolic links, pointing to arbitrary files outside the repository’s root directory.

Security Trouble in Argo Continuous Delivery Program. More>

February 10, 2022
by sjvn01
0 comments

Elon Musk’s net worth will exceed $1 Trillion thanks to SpaceX

There’s rich — Amazon’s Jeff Bezos with not quite $200-billion and Microsoft’s Bill Gates with $132-billion — and then there’s Elon Musk rich: Approximately $241-billion. But, according to a note, “SpaceX Escape Velocity … Who Can Catch Them?” by Morgan Stanley‘s head of auto and space research Adam Jonas, SpaceX will launch him into being the first trillionaire.

True, SpaceX makes up less than 17% of Musk’s $241.4 billion net worth, according to the Bloomberg Billionaires Index, but Jonas is bullish on SpaceX. Jonas said SpaceX was “challenging any preconceived notion of what was possible and the time frame possible, in terms of rockets, launch vehicles and supporting infrastructure.”

Elon Musk’s net worth will exceed $1 Trillion thanks to SpaceX. More>