Demo: Reversing a Spring4Shell Attack with Prisma Cloud
When a vulnerability attacks your Kubernetes cluster, visibility matters. You need to be able to see what’s going on in order to mitigate harm.
In this episode of The New Stack Demos, David Maclean, of Prisma Cloud by Palo Alto Networks, shows Alex Williams, TNS founder and publisher, how Prisma Cloud can find and handle an attack on an application built with Spring, the popular Java framework.
Prisma Cloud offers users visibility and specific information about the Spring4Shell attack, said Maclean, a senior manager for solutions architects for the Middle East, Africa, Southern Europe and Latin America. Users, for instance, can learn “which package was it included within? Which layers of a Docker file does it reside within?”
The advantage of Prisma Cloud, which is inserted into the container runtime he added, is its ability to act as a kind of “flight recorder” of the incident, “in which to go ahead and understand what actually led up to this event. And we’ve got full visibility of not only what led up to this particular reverse shell event, but actually also any other events that are ongoing all the time.”
Check out the video to see how this cloud native application protection platform (CNAPP) works.