Detecting CVE-2020-14386 with Falco and mitigating potential container escapes

On September 14, CVE-2020-14386 was reported as a “high” severity threat. This CVE is a kernel security vulnerability that enables an unprivileged local process to gain root access to the system. CVE-2020-14386 is a result of a bug found in the packet socket facility in the Linux kernel. It allows a bad actor to trigger a memory corruption that can be exploited to hijack data and resources and in the most severe case, completely take over the system.


Security corner: snap interface & snap connections

One of the defining features of snaps is their strong security. Snaps are designed to run isolated from the underlying system, with granular control and access to specific resources made possible through a mechanism of interfaces. Think of it as a virtual USB cable – an interface connects a plug with a slot. Security and privacy conscious users will certainly be interested in knowing more about their snaps – what they can do and which resources they need at runtime.


Server Monitoring with OpsRamp

For decades, compute or server infrastructure has been the backbone of the IT world. Compute has gradually evolved from on-premise hardware to programmable compute in the form of software containers. Technology operators need to constantly monitor the performance of their Windows, Linux, and container infrastructure so that they can optimize their compute environments to match workload demands.


An Introduction to Testing Robot Code

The myriad of different fields that make up robotics makes QA practices difficult to settle on. Field testing is the go-to, since a functioning robot is often proof enough that a system is working. But online tests are slow. The physical environment must be set up. The entire system has to be in a workable state. Multiple runs are needed to build confidence. This grinds development to a halt.


Become FIPS Compliant with HAProxy Enterprise on Red Hat Enterprise Linux 8

Guarantee strong encryption by enabling ‘FIPS mode’ with RHEL and HAProxy Enterprise. SSL and its successor TLS are protocols that safeguard web traffic as it crosses the Internet, encrypting communication and protecting it from tampering. However, the encryption algorithms within these protocols are subject to change over time as vulnerabilities are discovered or as better encryption methods become available.


How Canonical remotely delivers and supports customer cloud deployments

The widespread shift to remote working in response to the COVID-19 pandemic has been a disruptive change for countless businesses; some 13% of organisations say they have faced major disruption. But at Canonical, remote working has long been the status quo for many of our teams. In spite of the challenging circumstances in which we all find ourselves, Canonical has been able to continue to operate and support our customers despite their working practices undergoing significant changes.

SolarWinds Kiwi Syslog Server Overview

SolarWinds® Kiwi Syslog® Server is an affordable on-premises solution designed to help you manage syslog messages, SNMP traps, and Windows event logs. It centralizes and simplifies log message management across network devices and servers. Kiwi Syslog Server lets you collect, filter, alert, react to, and forward syslog messages and SNMP traps, and it helps you adhere to regulatory compliance. Learn how to simplify syslog and SNMP trap management with SolarWinds Kiwi Syslog Server.

Tutorial: Getting Started with ROS

ROS, the Robot Operating System, is the platform of choice for robot development. However, the breadth and depth of existing documentation can be daunting for the ROS beginner. Where should you start learning about ROS 2 on Ubuntu? All robots based on ROS and ROS 2 are programmed using five simple but core constructs: In this tutorial and associated video we’ll introduce these concepts with simulated robots.