Product

35 posts in this category

All Posts Company News Events Technical Compliance Product Thought Leadership

Technical Product June 1, 2026

Fragnesia Makes Three: Why It Couldn't Touch Workloads Under a Tailored AppArmor Profile Either

Fragnesia (CVE-2026-46300) is the third universal Linux kernel LPE in the Dirty Frag class to land in under two weeks. It abuses the XFRM ESP-in-TCP path to write into the page cache of read-only files with no race condition, and ships with a one-line public exploit. For workloads running under a behaviour-generated AppArmor profile, the surface it needs was never in the allow list. This is the same non-event, a third time. Here's why, and how to confirm your exposure in seconds.

By Hannes Ullman Read more

Compliance Product May 19, 2026

How bifrost maps to the Cyber Resilience Act

Where a runtime-driven security platform fits the CRA's essential requirements, vulnerability handling obligations, and reporting timeline. Annex I, Article 13, and Article 14 walked clause by clause.

By Hannes Ullman Read more

Technical Product May 8, 2026

Why Dirty Frag Couldn't Touch Workloads Under a Tailored AppArmor Profile Either

Dirty Frag is a universal Linux kernel LPE that chains two CVEs, CVE-2026-43284 and CVE-2026-43500, explicitly designed to bypass the Copy Fail mitigation. For workloads running under a behaviour-generated AppArmor profile, neither variant's required surface was ever in the allow list. Here's why, and how to confirm your exposure in seconds.

By Hannes Ullman Read more

Technical Product May 7, 2026

Why Copy Fail Couldn't Touch Workloads Under a Tailored AppArmor Profile

Copy Fail (CVE-2026-31431) is a Linux kernel LPE that's already in CISA KEV and reaches every container that inherits the AF_ALG kernel surface by default. For workloads running under a behaviour-generated AppArmor profile, the exploit's required syscall path was never allowed in the first place. Here's why, and how to confirm your exposure in seconds.

By Hannes Ullman Read more

Compliance Product January 15, 2026

NIS2 Compliance Without the Complexity: How Bifrost Automates What Matters

The EU’s NIS2 Directive is reshaping cybersecurity expectations for digital infrastructure and SaaS providers. While traditional tools overwhelm teams with...

By Katrin Puusepp Read more

Compliance Product December 3, 2025

What the Cyber Resilience Act means for you

The Cyber Resilience Act (CRA) is the EU’s new baseline for secure-by-design software and hardware. Any product with digital elements sold in the EU — from...

By Hannes Ullman Read more

Technical Product November 7, 2025

RunC vulnerabilities and the case for tailored runtime defence

**When your container runtime is the target** RunC sits at the heart of nearly every container platform, from Docker and containerd to Kubernetes nodes. This...

By Hannes Ullman Read more

Thought Leadership Product October 29, 2025

☔️ When Alert Fatigue Becomes the Real Threat

Alerts are pouring in. Your team’s stretched. And the critical signal is buried in noise.Bifrost flips the model: we understand each service’s legit runtime...

By Hannes Ullman Read more

Product Thought Leadership October 7, 2025

✂️Cut costs, not security ✂️

Here’s how your company can cut costs without compromising on security by using bifrost:⚙️Automate manual processes⚠️Prevent costly breaches️Protect the...

By Hannes Ullman Read more

Compliance Product September 30, 2025

❗️Staying ahead of NIS2❗️

The EU’s NIS2 Directive is raising the bar for cybersecurity across Europe. From digital infrastructure to SaaS platforms, companies now face strict...

By Hannes Ullman Read more

Technical Product September 25, 2025

1 minute about AppArmor

AppArmor is a mandatory access control (MAC) Security Module that restricts the capabilities and permissions of a containerised workload. The permissions are...

By Hannes Ullman Read more

Product September 18, 2025

🛡️Whether you write code, lead, or protect, bifrost has you covered 🛡️

Let’s break down how bifrost supports key roles in modern software teams and how each can benefit from smarter, automated security!...

By Hannes Ullman Read more

Technical Product September 3, 2025

⚠️The vulnerabilities you didn’t know you inherited ⚠️

Are you confident that every dependency in your codebase is secure? That quick-fix plugin four years ago that somehow became permanent? As the usage of...

By Hannes Ullman Read more

Product Thought Leadership August 27, 2025

Not just another security tool

We know there’s plenty of security tools out there. But bifrost is built to do more than just alert you. It protects you automatically, from testing to...

By Yra Olsen Öbrink Read more

Product August 18, 2025

Getting started with bifrost is easy

Security should work with you, not against you. With bifrost, you can integrate in seconds, gain insights in minutes, and secure every release, all without...

By Yra Olsen Öbrink Read more

Thought Leadership Product August 13, 2025

AI writes the code, but who checks the security?

AI-generated code is quickly becoming a central part of modern software development. These AI agents can write, test, and deploy code with minimal human input,...

By Yra Olsen Öbrink Read more

Product August 11, 2025

Back from summer? Kickstart with bifrost!

As the summer winds down and routines pick up again, it’s time to dive into the second half of the year. Here at bifrost we're recharged and ready to help you...

By Yra Olsen Öbrink Read more

Compliance Product June 26, 2025

What CRA Means for You

The Cyber Resilience Act (CRA) is a new EU regulation that works to improve cybersecurity by establishing standards for products with digital elements sold...

By Yra Olsen Öbrink Read more

Product Thought Leadership June 25, 2025

For CTO and CISOs

Stop firefighting security threats and focus on what matters, building and shipping innovative products. bifrost automates security, empowering developers,...

By Bifrost Team Read more

Compliance Product June 24, 2025

How to Navigate DORA

As financial services become increasingly tech-driven, the risks associated with digital systems also grow. Cyberattacks, system failures, and data breaches...

By Yra Olsen Öbrink Read more

Product June 11, 2025

For Developers

bifrost integrates in seconds, learns in minutes, and protects at your next release. Just four lines of annotations, that’s all it takes to enable bifrost. No...

By Bifrost Team Read more

Product May 23, 2025

For DevSecOps Teams 🔐

Shipping fast is a non-negotiable, but every new service, dependency, and release widens the attack surface. Security is supposed to be integrated, but most...

By Bifrost Team Read more

Product May 4, 2025

Want to see bifrost in action?

We’re committed to building a safer Kubernetes ecosystem, where runtime security is proactive, continuous, and automated, not an afterthought. It’s a vision we...

By Bifrost Team Read more

Product Thought Leadership April 24, 2025

For DevOps

**For DevOps ⚙️** We get it, DevOps is all about speed, reliability, and efficiency. But security? It often feels like an afterthought. Traditional security...

By Bifrost Team Read more

Product March 26, 2025

Deep Dive: Visibility

In software management, visibility is significant for understanding and improving performance. Bifrost offers insights into your software’s behaviour, providing...

By Bifrost Team Read more

Technical Product March 12, 2025

Boosting Security with AppArmor 🚀

bifrost’s service leverages AppArmor, a Linux Security Module, to protect applications. But how does AppArmor work to protect your software? Let’s take a...

By Bifrost Team Read more

Product February 27, 2025

Deep dive: Effortless Set-up

Streamlining setup and simplifying access management of software services can significantly reduce the administration of many development teams. Our service is...

By Bifrost Team Read more

Technical Product February 14, 2025

A Tribute to Kubernetes Providers 🥇

Kubernetes providers make life easier for developers everywhere, especially for those of us wanting to use Kubernetes without the hassle of creating and...

By Bifrost Team Read more

Product February 8, 2025

Deep dive: Security Made Simple

Many organisations find it challenging to effectively protect their containerised applications in a world of complex cloud security. bifrost is designed with...

By Bifrost Team Read more

Product Company News January 16, 2025

Kickstart 2025 with Improved Runtime Security 🚀

As the new year begins, we’re thrilled to be back in the office to see what 2025 has in store. At bifrost security, our mission is clear: help DevOps teams...

By Bifrost Team Read more

Product November 28, 2024

Deep Dive: Visibility 

In software management, visibility is significant for understanding and improving performance. Bifrost offers insights into your software’s behaviour, providing...

By Bifrost Team Read more

Product October 11, 2024

Deep dive: Effortless Set-up

Streamlining setup and simplifying access management of software services can significantly reduce the administration of many development teams. Our service is...

By Bifrost Team Read more

Technical Product October 2, 2024

Our compatible Kubernetes providers

Kubernetes providers make life easier for developers everywhere, especially for those of us wanting to use Kubernetes without the hassle of creating and...

By Bifrost Team Read more

Product August 27, 2024

Deep dive: Security Made Simple

Many organisations find it challenging to effectively protect their containerised applications in a world of complex cloud security. bifrost is designed with...

By Bifrost Team Read more

Thought Leadership Product August 22, 2024

Why is Cloud Native Security important to you?

The growing landscape of cloud computing has revolutionised the way modern applications are built. Bringing a wave of agility, automation, and innovation....

By Bifrost Team Read more