BestHub
Sign in
Tagged articles
8 articles
Page 1 of 1
Black & White Path
Black & White Path
May 2, 2026 · Information Security

Deep Security Research Report: Global Vulnerability Landscape and Root‑Cause Analysis Powered by an Automated Discovery Engine

The Innora.ai research report dissects 46 high‑impact CVEs spanning OS kernels, multimedia libraries, enterprise middleware, AI inference servers and mobile apps, revealing how an AI‑driven automated red‑team framework (DialTree‑RPO) uncovers and validates these flaws at unprecedented speed and scale.

AI-driven securityCVE analysisMobile Security
0 likes · 19 min read
Deep Security Research Report: Global Vulnerability Landscape and Root‑Cause Analysis Powered by an Automated Discovery Engine
Ray's Galactic Tech
Ray's Galactic Tech
Jan 13, 2026 · Cloud Native

Why Short‑Lived Tokens Are the Key to True Kubernetes Security

This article explains how ServiceAccount, Token, RBAC, and NetworkPolicy work together in Kubernetes, why short‑lived tokens with audience restrictions are essential, and provides practical manifests, version history, attack‑defense models, and cloud‑provider identity integrations for robust cloud‑native security.

RBACServiceAccountToken
0 likes · 8 min read
Why Short‑Lived Tokens Are the Key to True Kubernetes Security
Cloud Native Technology Community
Cloud Native Technology Community
Jun 13, 2025 · Cloud Native

CNAPP: The Key to Securing Cloud‑Native Applications from Containers to Lifecycle

This article examines the evolution of container security into comprehensive cloud‑native protection, explaining CNAPP concepts, technical roadmaps, industry challenges, and best‑practice recommendations for integrating security across the entire application lifecycle, while highlighting market trends and future directions.

CNAPPCloud NativeContainer Security
0 likes · 26 min read
CNAPP: The Key to Securing Cloud‑Native Applications from Containers to Lifecycle
Alibaba Cloud Observability
Alibaba Cloud Observability
May 19, 2025 · Information Security

How Tool‑Poisoning Attacks Exploit MCP and What to Do About It

This article analyzes the security risks of the Model Context Protocol (MCP), demonstrates a tool‑poisoning attack that steals private keys via malicious tool descriptions, explores client‑side and server‑side threat vectors, and presents observability‑based mitigation using eBPF and LoongCollector.

AI model securityMCPObservability
0 likes · 23 min read
How Tool‑Poisoning Attacks Exploit MCP and What to Do About It
Cloud Native Technology Community
Cloud Native Technology Community
Jul 6, 2023 · Industry Insights

How Confidential Computing Reinvents Security in Cloud‑Native Kubernetes

This article explains the concept of Confidential Computing, examines Trusted Execution Environments such as AMD SEV, Intel SGX and TDX, compares their security properties and performance overhead, and shows how cloud‑native platforms like Kubernetes can leverage these technologies for stronger data protection.

AMD SEVConfidential ComputingIntel SGX
0 likes · 16 min read
How Confidential Computing Reinvents Security in Cloud‑Native Kubernetes
Alibaba Cloud Developer
Alibaba Cloud Developer
Sep 9, 2022 · Information Security

How to Build a Comprehensive Cloud‑Native Kubernetes Security Monitoring System

This article examines the evolving security risks of cloud‑native architectures, explains why traditional perimeter defenses are insufficient, introduces zero‑trust principles for Kubernetes, outlines common K8s threat vectors, and presents a complete data‑collection and monitoring solution based on the open‑source iLogtail agent.

KubernetesObservabilityZero Trust
0 likes · 30 min read
How to Build a Comprehensive Cloud‑Native Kubernetes Security Monitoring System
Meituan Technology Team
Meituan Technology Team
Apr 7, 2022 · Information Security

Malicious Use of eBPF in Cloud‑Native Environments: Threats, Detection, and Defense

While eBPF powers modern cloud‑native networking and observability, attackers can exploit its kernel hooks to create stealthy rootkits that manipulate packets, rewrite files, and persist across reboots, so security teams must harden privileges, monitor BPF syscalls, audit loaded programs, and employ signature verification and LSM controls to detect and mitigate these threats.

DetectionRootkitcloud-native security
0 likes · 30 min read
Malicious Use of eBPF in Cloud‑Native Environments: Threats, Detection, and Defense