EdgeBit Blog

Learn more about vulnerability management, software supply chain security and other security technologies from EdgeBit experts – engineers, security researchers and our product team.

By Eugene Yakubovich, Chief Architect & Founder • May 25, 2023
EdgeBit’s May release expands our previously announced ability to deploy through Kubernetes and connect your Kubernetes workloads back to supply chain artifacts in your build pipelines.

Civo Kubernetes

Civo Kubernetes comes in two flavors: one using k3s with Alpine Linux and one using Talos Linux. The EdgeBit Linux agent has been tuned for some of the differences between k3s and mainstream Kubernetes. Our engineering team worked with the Civo team to streamline the Alpine configuration of fanotify, eBPF and BTF (BPF Type Format, the metadata format that encodes type and debug information for BPF programs).
By Russell Haering, CTO & Founder • April 12, 2023
Today we are excited to announce support for Kubernetes within EdgeBit, enabling companies to gain easy insights into software vulnerabilities within their clusters in addition to their cloud machines and bare metal servers.

DaemonSet Based Agent Deployment

Deploying the EdgeBit agent on Kubernetes clusters is now as easy as a kubectl apply. By deploying the agent as a DaemonSet, administrators can use standard Kubernetes tooling and avoid installing it directly on each host via a tarball or a package manager.
By Eugene Yakubovich, Chief Architect & Founder • April 4, 2023
We’ve heard people say that the only way to fix the vulnerability firehose is with automatic patching. Automating the vulnerability management process is certainly key, but the complete fire-and-forget approach is fraught with problems. In this post, we’ll explore why it’s not as simple as enabling Dependabot.

Fully automated = win?

Scanning a code repository for dependencies and the associated vulnerabilities is the first step in the process. There are many tools available today that are capable of this task.
By Eugene Yakubovich, Chief Architect & Founder • March 13, 2023
EdgeBit’s mid-March release adds multi-arch support to the EdgeBit Linux agent so you can cover your entire x86 and ARM64-based fleet, and expands container runtime support.

ARM64 Architecture

Performance and price trade-offs make ARM instances in the cloud a popular choice for some workloads, and now EdgeBit supports these machines with v0.2.0 of the Linux agent. The agent quick install script will now detect and use the correct architecture. RPM and Deb packages are also updated for each architecture.
By Rob Szumski, CEO & Founder • March 3, 2023
You’ve likely heard of an SBOM – a software bill of materials. It’s an accounting of the libraries and dependencies in your application. You might be aware of its two companions:

- Vulnerability Disclosure Report (VDR)
- Vulnerability Exploitability eXchange (VEX)

Let’s learn what each of these is and how they keep our supply chains secure.

What is a Vulnerability Disclosure Report?

NIST’s Software Supply Chain Security guidance covers “(ix) attesting to conformity with secure software development practices;” and provides further guidance on how to accomplish that with a Vulnerability Disclosure Report.
By Rob Szumski, CEO & Founder • February 27, 2023
Today I want to discuss a new concept: the real-time software bill of materials (SBOM). A real-time SBOM is an inventory of a live server, with a filter for packages and libraries that are active and running. EdgeBit is a tool to secure your software supply chain that focuses on code that is actually running. This simplifies vulnerability management as it cuts through noise. The real-time SBOM is the brains behind the noise reduction.
By Rob Szumski, CEO & Founder • December 22, 2022
ThreatVector is an ongoing series where we break down recent security incidents in the news to understand how they happened, how they spread and what the ramifications are for companies as they evolve their defenses. LastPass recently updated details on its latest security incident, in which cloud storage was accessed that stored unencrypted customer details as well as certain unencrypted data, like website URLs, that were stored adjacent to the encrypted fields: username, password, secure notes, etc.
By Rob Szumski, CEO & Founder • November 26, 2022
The identity of your code – a cryptographic hash of it – can’t be spoofed or stolen. This is a powerful property that can make your infrastructure extremely secure. Let’s explore this concept by building up to making a request to Amazon’s Key Management Service (KMS) to return a decryption key that only a specific piece of code should have access to.

At build time:
- calculate the expected values of our cryptographic hashes
- record these into an access policy
- record these into an audit trail to find code when given a specific hash

At run time:
- calculate the actual values
- sign an attestation containing these values, anchored by a trusted party

Optional, but useful at run time:
- provide guarantees the environment won’t be mutated from our trusted state
- provide guarantees that sensitive data can’t be read from memory by other processes
- provide protection from unwanted network egress

Each of these properties is fulfilled by AWS Nitro Enclaves, a form of secure enclave like the one your iPhone contains, but on a server.
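The build-time and run-time steps above, carried through end to end as an added stand-alone simulation (this is illustration code, not EdgeBit's and not AWS's). It stands in for the real pieces as follows: PCR0 is modelled as SHA-384 over the enclave image bytes; the Nitro attestation signature is modelled with HMAC-SHA384 under a key held by a constructed "attestation authority" (the real document is a COSE-signed CBOR blob chained to the AWS Nitro Attestation PKI); KMS policy evaluation is modelled by evaluate_decrypt_request(). The condition key kms:RecipientAttestation:ImageSha384 is the real one KMS evaluates for Nitro attestation; every ARN and key below is a constructed placeholder.

```python
"""Binding a KMS decrypt grant to a code hash: added, stand-alone simulation.

Illustration only (not EdgeBit's or AWS's code). Stand-ins:
  * PCR0            -> SHA-384 over the enclave image bytes
  * Nitro signature -> HMAC-SHA384 under a constructed authority key
  * KMS evaluation  -> evaluate_decrypt_request()
"""
import hashlib
import hmac
import json

# Real KMS condition key for Nitro Enclaves attestation.
CONDITION_KEY = "kms:RecipientAttestation:ImageSha384"

# Constructed identifiers for the example (not real resources).
KEY_ARN = "arn:aws:kms:us-east-1:123456789012:key/00000000-0000-0000-0000-000000000000"
ENCLAVE_ROLE_ARN = "arn:aws:iam::123456789012:role/enclave-parent-instance"
AUTHORITY_KEY = b"constructed-attestation-authority-key"  # stand-in for the Nitro PKI


# --- build time -------------------------------------------------------------

def measure_image(image_bytes: bytes) -> str:
    """Expected PCR0: SHA-384 hex digest of the enclave image."""
    return hashlib.sha384(image_bytes).hexdigest()


def build_key_policy(expected_pcr0: str) -> dict:
    """KMS key policy: Decrypt is allowed only when the attested image hash matches."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Sid": "DecryptOnlyFromAttestedEnclave",
            "Effect": "Allow",
            "Principal": {"AWS": ENCLAVE_ROLE_ARN},
            "Action": "kms:Decrypt",
            "Resource": KEY_ARN,
            "Condition": {"StringEqualsIgnoreCase": {CONDITION_KEY: expected_pcr0}},
        }],
    }


def build_audit_record(expected_pcr0: str, image_name: str, source_commit: str) -> dict:
    """Audit-trail entry so a hash seen in a KMS log can be traced back to code."""
    return {"pcr0": expected_pcr0, "image": image_name, "commit": source_commit}


# --- run time ---------------------------------------------------------------

def sign_attestation(measured_pcr0: str, authority_key: bytes) -> dict:
    """Attestation document: the measured PCRs plus a signature from the trusted party."""
    payload = {"pcrs": {"0": measured_pcr0}}
    body = json.dumps(payload, sort_keys=True).encode()
    signature = hmac.new(authority_key, body, hashlib.sha384).hexdigest()
    return {"payload": payload, "signature": signature}


def evaluate_decrypt_request(policy: dict, principal: str, attestation: dict,
                             authority_key: bytes) -> bool:
    """Simulated KMS decision for a Decrypt call that carries an attestation document."""
    # 1. The document must be anchored in the trusted party, or its PCRs mean nothing.
    body = json.dumps(attestation["payload"], sort_keys=True).encode()
    expected_sig = hmac.new(authority_key, body, hashlib.sha384).hexdigest()
    if not hmac.compare_digest(expected_sig, attestation["signature"]):
        return False
    measured = attestation["payload"]["pcrs"]["0"]
    # 2. Some Allow statement must match the principal, the action and the attested hash.
    for stmt in policy["Statement"]:
        if stmt["Effect"] != "Allow" or stmt["Principal"].get("AWS") != principal:
            continue
        if stmt["Action"] != "kms:Decrypt":
            continue
        wanted = stmt.get("Condition", {}).get("StringEqualsIgnoreCase", {}).get(CONDITION_KEY)
        if wanted is not None and wanted.lower() != measured.lower():
            continue
        return True
    return False


def demo() -> dict:
    """Build-time policy, then run-time requests: good image, tampered image, forged document."""
    image = b"constructed enclave image contents, v1"  # constructed sample input
    expected = measure_image(image)
    policy = build_key_policy(expected)
    good = sign_attestation(measure_image(image), AUTHORITY_KEY)
    tampered = sign_attestation(measure_image(image + b"\x00backdoor"), AUTHORITY_KEY)
    forged = {"payload": good["payload"], "signature": "00" * 48}
    other_role = "arn:aws:iam::123456789012:role/some-other-role"
    return {
        "good": evaluate_decrypt_request(policy, ENCLAVE_ROLE_ARN, good, AUTHORITY_KEY),
        "tampered": evaluate_decrypt_request(policy, ENCLAVE_ROLE_ARN, tampered, AUTHORITY_KEY),
        "forged": evaluate_decrypt_request(policy, ENCLAVE_ROLE_ARN, forged, AUTHORITY_KEY),
        "wrong_principal": evaluate_decrypt_request(policy, other_role, good, AUTHORITY_KEY),
    }


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

The IAM role alone is not enough here: a tampered image measures to a different hash and is refused even when it runs under the allowed role, and a document whose signature does not verify is refused before its PCRs are even read. In the real service the Decrypt call passes the attestation document in the Recipient parameter and KMS returns the result encrypted to the public key inside that document, so the parent instance never sees the plaintext.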
By Eugene Yakubovich, Chief Architect & Founder • November 2, 2022
Today we introduce a new open source tool, Enclaver, to aid engineers in building, testing and running code within secure enclaves, starting with AWS Nitro Enclaves. Enclaver is the start of the technological foundation for achieving EdgeBit’s mission: to empower cloud services to consume and process data securely – in a way that maintains customer control over data, without getting in the way.
By Rob Szumski, CEO & Founder • September 16, 2022
ThreatVector is an ongoing series where we break down recent security incidents in the news to understand how they happened, how they spread and what the ramifications are for companies as they evolve their defenses. Details have just emerged about a devastating, wide-ranging compromise of Uber spanning their corporate network, VPN, Google GSuite and their production AWS infrastructure, including databases. Our last ThreatVector post covered how social engineering enabled the Twilio compromise and the subsequent Signal account takeover, and this situation appears to have unfolded in similar fashion:
By Rob Szumski, CEO & Founder • September 14, 2022
The rise of Software as a Service (SaaS) has unlocked an immense amount of value for enterprises and consumers alike. The cost of that value has been control over your data. With security incidents and sophisticated vendor traversal attacks (like the Aug. 2022 hack of Twilio & Signal) becoming more commonplace, the lack of control is starting to show its true cost.

Introducing EdgeBit

We’re founding EdgeBit because we believe that we can solve this problem – to empower SaaS services to consume and process data securely – in a way that maintains customer control over data, without getting in the way.
By Rob Szumski, CEO & Founder • September 14, 2022
ThreatVector is an ongoing series where we break down recent security incidents in the news to understand how they happened, how they spread and what the ramifications are for companies as they evolve their defenses. The messaging and communications giant Twilio was attacked via a social engineering campaign on August 4, 2022, with an unknown number of employee accounts taken over and 125 customers impacted. There are a few notable attributes about this attack: