Cloud security

eBPF (Extended Berkeley Packet Filter) is a powerful technology in the Linux kernel that can be used to execute efficient code and plays an important role in network monitoring, performance analysis, security auditing and other areas. However, this double-edged sword can also be utilized maliciously, bringing serious network security threats.

1. Product Introduction Nanqiang WEB Application Firewall (abbreviation: uuWAF) is a comprehensive website protection product launched by Youan Technology. Through Youan Technology’s proprietary WEB intrusion anomaly detection and other technologies, combined with the Youan Technology team’s years of application security attack...

1. Description: Fastjson is an open source high-performance JSON parsing and processing library, widely used in China. On May 23, Fastjson officially released a security bulletin, saying that a new deserialization vulnerability has been fixed: Fastjs…

Qiangwei Smart released new cloud-native products, and a fourth possibility of micro-isolation appeared - Daemonset. Delivered with Daemonset, it is more "cloud native", making operation and maintenance simpler, deployment easier, and collaboration more efficient!

Background Introduction The author of this article is Chen Zhijie. From 2015 to 2020, he was fortunate enough to participate in the theory and practice of Google’s Zero Trust in Production Environments. In this context…

In mid-2020, a white hat discovered the credentials used by a back-end system of a new energy car company on GitHub. The credentials simply used Base64 encryption. Although this credential cannot directly log in to the corresponding back-end system, the white hat can obtain...

Author introduction: Vice President of Ant Basic Security, Wei Tao joined Ant Financial in 2019 and is responsible for the direction of Ant Basic Security. He is also an adjunct professor at Peking University. Prior to that, he worked at Baidu from 2015 to 2019 as chief security scientist,…

1. Vulnerability description log4j is an open source log component implemented by apache. Logback is also designed by the author of log4j. It has better features and is a log framework used to replace log4j. It is the native implementation of slf4j...

On November 24, 2021, the Alibaba Cloud security team reported the Apache Log4j2 remote code execution vulnerability to Apache officials. 01 Vulnerability Description Apache Log4j2 is an excellent Java logging framework. …

Overview: Since Forrester analyst John Kindwig proposed the term "Zero Trust" in 2010, with the rise of the digital economy and remote working, Zero Trust has gradually moved from concept to implementation. As a new generation of network…