#attack, #kubernetes

An analysis revealed that in 62.5% of the Kubernetes platforms reviewed, privileged DaemonSets distributed powerful credentials across every node in the cluster. As a result, in 50% of platforms, a single container escape was enough to compromise the entire cluster.

#attack, #aws, #azure, #gcp

Article exploring how ransomware threat actors might operate in cloud environments, and what approaches they might use to attack and impact resources in public clouds.

#attack, #containers

A journey through a bypass of a new eBPF-based observability and mitigation tool named Tetragon, developed in the two hours after the tool was first set up, as a hopefully instructive lesson on the importance of security fundamentals.

#attack, #azure

A step-by-step process for automating Azure abuse research, with examples for Azure Virtual Machines and their Managed Identities.

#monitor, #strategy

A foundational framework for thinking about threat detection in public cloud computing.

#aws, #defend, #strategy

AWS have released their own security maturity model, but does it stack up against what we're seeing in real-world attacks and in the approaches being suggested by the rest of the AWS security community?

A much needed style guide providing a collection of recommendations and best practices for authoring Rego.

#build, #iac, #terraform

Post which explores different best practices for Terraform and Infrastructure as Code, analyzes various options for handling and structuring Terraform projects, and shows how adopting helper tools could make our life easier.

#defend, #kubernetes

How combining Gatekeeper + Cosign for image signature validation with the new external_data feature lets you stop untrusted images from being deployed on your Kubernetes cluster.

Evaluate the RBAC permissions of serviceaccounts, pods and nodes in Kubernetes clusters through policies written in Rego.

Using OpenPolicyAgent to implement Field-level Authorization in GraphQL.

kubeaudit helps you audit your Kubernetes clusters against common security controls.

Exec into a node via kubectl.

This guide provides a comprehensive set of controls for startups that want to establish a strong security foundation in the AWS Cloud.

AWS Network Firewall now supports AWS Managed Threat Signatures to detect threats and block attacks against known vulnerabilities so you can stay up to date on the latest security threats without writing and maintaining your own rules.

How to use your existing Microsoft Active Directory (AD) to reliably authenticate access to AWS accounts, infrastructure running on AWS, and third-party applications.

Google announced the Chrome Enterprise Connectors Framework, a new way to integrate Chrome browser with Google Workspace and other Cloud products, including Google Cloud Pub/Sub, Chronicle, BeyondCorp Enterprise, and Chrome Browser Cloud Management.

How to implement DORA best practices with Google's DevOps Enterprise Guidebook.

Network Analyzer auto-detects failures caused by the underlying network, surfaces root cause analyses, and suggests best practices to improve the availability, performance, and security of services.

Microsoft announced the GA of Azure Key Vault Secrets Provider extension for Arc enabled Kubernetes clusters. This is a Microsoft managed extension that allows you to get secret contents stored in an Azure Key Vault instance and mount them into Kubernetes pods of your Azure Arc enabled Kubernetes clusters.