This week's articles
Top Open Source Kubernetes Security Tools of 2021
#build, #defend, #kubernetes
The top eight most popular open source Kubernetes security tools identified by a Red Hat survey: OPA, KubeLinter, Kube-bench, Kube-hunter, Terrascan, Falco, Clair, and Checkov.
Cloud Security Orienteering
#defend, #strategy
How to orienteer in a cloud environment, dig in to identify the risks that matter, and put together actionable plans that address short-, medium-, and long-term goals. You can also refer to the companion checklist.
New Terraform Planning Options
#announcement, #explain, #terraform
Terraform introduced new planning options: "-refresh=false", "-refresh-only", and "-replace".
Mutating Kubernetes resources with Gatekeeper
#explain, #kubernetes, #opa
Gatekeeper has recently introduced the ability to mutate resources. Mutation means that policy can change Kubernetes resources based on different criteria.
A Deep Dive Into Kubernetes Schema Validation
#build, #kubernetes
How do you ensure the stability of your Kubernetes clusters? How do you know that your manifests are syntactically valid? Are you sure you don't have any invalid data types? Are any mandatory fields missing?
Tools
kubeview
KubeView displays what is happening inside a Kubernetes cluster (or single namespace); it maps out the API objects and how they are interconnected.
n8n
n8n is an extendable workflow automation tool.
From the cloud providers
Introducing AWS Backup Audit Manager
AWS Backup announces AWS Backup Audit Manager, a new feature that allows you to audit and report on the compliance of your data protection policies to help you meet your business and regulatory needs.
How to automate forensic disk collection in AWS
A hands-on solution you can use for automated disk collection across multiple AWS accounts. This solution will help your incident response team set up an automation workflow to capture the disk evidence they need to analyze to determine scope and impact of potential security incidents.
Visualizing AWS Config data using Amazon Athena and Amazon QuickSight
By default, AWS Config stores data in an S3 bucket. Amazon Athena is an interactive query service that makes it easy to analyze data in Amazon S3 using standard SQL. When configuration snapshots and configuration history data are aggregated in Amazon S3, you can use Athena to query the JSON data directly using SQL statements. You can then visualize your Athena SQL views and queries in Amazon QuickSight, which lets you easily create and publish interactive BI dashboards by creating data sets.
Accreditation Models for Secure Cloud Adoption
This whitepaper provides cloud accreditation best practices to help you capitalize on the security benefits of commercial cloud computing while maximizing efficiency, scalability, and cost reduction.
Thanks for reading!
If you found this newsletter helpful, I'd really appreciate it if you could forward it to your friends and colleagues! 👌 If you have questions, comments, or feedback, let me know on Twitter (@lancinimarco / @CloudSecList), or at feedback.cloudseclist.com! Thanks, Marco