Avatar photo
By: Kevin Ayres

April 16, 2024 2:57 pm

484 views

SUSE’s Container Security Platform Now Listed in Amazon EKS Best Practices: A Big Step for Container Security

Thanks to our collaboration with AWS and work from Dominik Wombacher, we're thrilled to announce that SUSE's Container Security Platform, NeuVector Prime, is now recognized in the official Amazon EKS Best Practices documentation across six key security areas: Runtime Security Pod Security Network Security Image Security Incident Response and Forensics Regulatory Compliance   This […]

Read More


Avatar photo
By: Glen Kosaka

April 3, 2024 1:56 pm

1,268 views

How NeuVector Can Protect Against the XZ Backdoor Attack CVE-2024-3094 in Kubernetes Environments

Security researcher Andres Freund reported to Debian that the xz/liblzma library had been backdoored. As a result, CVE-2024-3094 was published with a critical CVSS score of 10. This vulnerability stems from a supply chain compromise on versions 5.6.0 and 5.6.1 of XZ Utils. XZ Utils is data compression software included in […]

Read More


Avatar photo
By: Marcus Meissner

March 29, 2024 5:33 pm

5,450 views

SUSE addresses supply chain attack against xz compression library

SUSE received notification of a supply chain attack against the "xz" compression tool and "liblzma5" library. Background Security Researcher Andres Freund reported to Debian that the xz / liblzma library had been backdoored. This backdoor was introduced in the upstream github xz project with release 5.6.0 in February 2024. For the […]

Read More


Avatar photo
By: Rajesh Rajamani

March 19, 2024 12:00 pm

2,080 views

SUSE Releases Edge 3.0: Highly Validated Edge Optimized Stack

Edge: The new frontier of innovation Organizations need to be at the forefront—they are looking to accelerate transformation and deliver differentiation at the edge. They face challenges, scale being one of the hardest to overcome, and have to navigate skilled resource constraints and the burden of pre-existing technology debt. They are stretched to meet […]

Read More


Avatar photo
By: Glen Kosaka

March 15, 2024 7:13 pm

1,516 views

How NeuVector Leverages eBPF to Improve Observability and Security

Extended Berkeley Packet Filter There’s been a lot of recent interest in eBPF (extended Berkeley Packet Filter) and its application for container security solutions. Let’s examine eBPF's features and benefits and how NeuVector utilizes them to enhance its full-lifecycle container security solution. eBPF enables products to run sandboxed programs in a privileged context, […]

Read More


Avatar photo
By: Glen Kosaka

March 14, 2024 5:24 pm

1,106 views

NeuVector UI Extension for Rancher Enhances Secure Cloud Native Stack

We have officially released the first version of the NeuVector UI Extension for Rancher! This release is an exciting first step for integrating NeuVector security monitoring and enforcement into the Rancher Manager UI.  The security vision for SUSE and its enterprise container management (ECM) products has always been to enable easy deployment, monitoring and […]

Read More


FX Houard
By: François-Xavier "FX" Houard

March 11, 2024 3:21 pm

1,375 views

SLE BCI Base Container available for US government agencies on Iron Bank

In a nutshell Iron Bank, a public registry containing US Department of Defense (DoD)-built, hardened and approved container images has included SUSE Linux Enterprise Base Container Images (SLE BCI) into their hardened base images catalog. This accreditation testifies to SLE BCI's safety and reliability, and reconfirm its relevance in supporting the industry-wide push for more […]

Read More


Avatar photo
By: Glen Kosaka

January 30, 2024 7:21 pm

1,852 views

NeuVector Releases v 5.3.0: Enhancing Network Security and Automation

We are pleased to announce the release and general availability of NeuVector version 5.3.0! This release adds significant functionality to our market-leading container network security protections, as well as support for GitOps security as code automation. It also expands the breadth of platform compatibility with Arm64 and public cloud marketplace support.   […]

Read More


Avatar photo
By: Radoslav Kolev

January 18, 2024 10:39 am

2,081 views

How to extract the signer’s certificate and verify the signature of a Linux kernel image

It's been quite a while since the introduction of UEFI and Secure Boot, which ensures that only code bearing a signature by a trusted party will get executed by the firmware. After a brief period of uncertainty this is now well supported by default in many Linux distributions. The Zero trust security model gaining popularity […]

Read More