Today’s topics include Quora disclosing a data breach that impacted 100 million users, and NeuVector’s 2.3 release improving container security with admission control.
Popular online question and answer site Quora reported a data breach on Dec. 3, in which personally identifiable account information from its 100 million users was stolen, including names, email addresses, and encrypted passwords, as well as data imported from linked networks when authorized by users.
An email Quora wrote to users said, “We’re still investigating the precise causes and in addition to the work being conducted by our internal security teams, we have retained a leading digital forensics and security firm to assist us. We have also notified law enforcement officials.”
To help protect impacted users, Quora has logged out users and invalidated passwords.
According to Quora, it has identified the root cause of the issue, though the company has not publicly disclosed what that issue actually involves.
NeuVector has released version 2.3 of its namesake container, cloud-native firewall technology with admission control security capabilities that can be directly integrated with the Kubernetes container orchestration platform.
NeuVector’s platform provides a container firewall that can filter application layer traffic to help identify anomalous behavior and traffic.
According to NeuVector CTO Gary Duan, “NeuVector uses the features of Kubernetes as a trigger and enforcement point for image deployment. By integrating with Kubernetes, via kube-apiserver, NeuVector can get notification for any image attempting to be deployed, then apply the policy, which an admin has configured in NeuVector to decide whether to allow or block the deployment through Kubernetes.”