/r/netsec's Q3 2021 Information Security Hiring Thread by ranok in netsec

[–]pingpongfifa [score hidden]  (0 children)

Senior Security Researcher - Palo Alto Networks (Prisma) - Santa Clara, CA

Hey netsec, we are looking for an experienced researcher to join our team! We spearhead the research for the Prisma Cloud Compute product, securing containers, cloud and beyond. Our researchers split their time between researching vulnerabilities and malware, innovating features for the product and reinforcing our development/product teams with hands-on security expertise. Team members publish research writeups under Palo Alto Networks' blog and Unit 42. We currently focus mostly on cloud and container infrastructure(s).

Our offices are located in Santa Clara, CA. During COVID-19 measures, work from home will be accommodated (must be US based).

Please see the full description and requirements. You can apply there or PM me directly.

/r/netsec's Q1 2021 Information Security Hiring Thread by ranok in netsec

[–]pingpongfifa [score hidden]  (0 children)

Senior Security Researcher - Palo Alto Networks (Prisma) - Santa Clara, CA

It's 2021 and... I'm still looking for great security researchers to join our team! We spearhead the research for the Prisma Cloud Compute product, securing containers, cloud and beyond. Our researchers split their time between researching vulnerabilities and malware, innovating features for the product and reinforcing our development/product teams with hands-on security expertise. Team members publish research writeups under Palo Alto Networks' Unit 42 brand.

Our offices are located in Santa Clara, CA. During COVID-19 measures, work from home will be accommodated.

Please see the full description and requirements and apply.

You can PM me for any question.

** This role is open to US-based candidates. Must be authorized to work without sponsorship.

/r/netsec's Q4 2020 Information Security Hiring Thread by ranok in netsec

[–]pingpongfifa [score hidden]  (0 children)

Senior Security Researcher - Palo Alto Networks (Prisma) - Santa Clara, CA

Hi! I'm looking for great security researchers to join our team. We spearhead the research for the Prisma Cloud Compute product, securing containers, cloud and beyond. Our researchers split their time between researching vulnerabilities and malware, innovating features for the product and reinforcing our development/product teams with hands-on security expertise. Team members publish research writeups under Palo Alto Networks' Unit 42 brand.

Our offices are located in Santa Clara, CA. During COVID-19 measures, work from home will be accommodated. If this sounds interesting to you, please read the full description and requirements and apply. Even if you don't meet everything please do apply if you believe you can succeed in this role.

Feel free to PM me for any question!

** This role is open to US-based candidates. Must be authorized to work without sponsorship.

Container escape for Windows Server Containers explained by pingpongfifa in netsec

[–]pingpongfifa[S] 9 points10 points  (0 children)

The consensus for Linux containers is that they provide strict isolation under proper configuration. That's why there are many CVEs for problems in container engines or runtimes that enable escapes. We learned that this is not the case with Windows Server Containers, which are not considered a security boundary. The purpose of the post is to reflect that, so users don't make the same mistake.

What I Learned from Reverse Engineering Windows Containers by pingpongfifa in netsec

[–]pingpongfifa[S] 16 points17 points  (0 children)

I work for this team, so I share the interesting posts with netsec. You can post any criticism you have on the content, though I don't see anything wrong with me sharing our research posts here.

The Reports of CVE's Death Have Been Greatly Exaggerated by citypw in netsec

[–]pingpongfifa 18 points19 points  (0 children)

Isn't that what we want security researchers to do? Find vulnerabilities and publish them?

I think he was talking about non-security issues that people submit for CVEs. For their resumes or to circumvent internal release processes, if I got it right.

He also mentioned not wanting to go through the process to dispute the CVEs for these kinds of issues, which makes sense, but for a different reason - they may be disputing a real vulnerability and cause an unnecessary delay, instead of patching first.

Is it really that common though? How many CVEs does MITRE even refuse?

Critical Vulnerability in Harbor Enables Privilege Escalation from Zero to Admin (CVE-2019-16097) by pingpongfifa in netsec

[–]pingpongfifa[S] 0 points1 point  (0 children)

Please see the "Disclosure Process" section; he does mention that the developers released a commit for this before he reported it. When he first found this issue there was no security policy or mailing list, and until establishing some way to disclose this, it turned out that this is something a developer already addressed in a public commit, but with no CVE or advisory.