Sign in Subscribe

Incident Response

Don't let your containers escape! Update runc & Docker Now!

Don't let your containers escape! Update runc & Docker Now!

TL;DR: Update runc and associated software (such as Docker) to the latest version to address several container breakout vulnerabilities. The security research team at Snyk recently disclosed vulnerabilities in runc <= 1.11.11, which can result in container escapes. Container escaping allows for access to the host operating

SQL query written in Athena to query for specific log events.

Exploring Amazon Athena in Incident Response: A Practical Approach

Recently, our team was pulled into an incident response engagement. As part of the breach investigation, we needed to review months of extensive nginx log files stored on Amazon S3 to determine an application issue causing data leakage. Complicating matters, we had no access to our traditional SIEM tools, prompting