#aws, #explain

A guide that can help you prepare for the "AWS Certified Security - Specialty" certification exam.

#containers, #explain

What are these distroless images, really? Why are they needed? What's the difference between a container started from a distroless base and a container started from scratch? Let's take a deeper look.

#defend, #kubernetes

The top five security measures that CISOs should be thinking about for any Kubernetes implementation.

#strategy, #supply-chain

The industry movement towards SBOMs needs material interventions to be usable at scale for exceedingly basic use cases. This post hopes to begins a discussion at the industry level that brings us closer to our desired state and to challenge the notion of what that desired state even is.

#announcement, #kubernetes

A long-standing request from the Kubernetes community has been to have a programmatic way for end users to keep track of Kubernetes security issues (CVEs). Accompanying the release of Kubernetes v1.25, such feed is now an alpha feature.

#strategy, #supply-chain

This guide outlines and defines how to securely consume Open Source Software (OSS) dependencies into the developer's workflow. This paper is split into two parts: a solution-agonistic set of practices and a maturity model-based implementation guide.

#announcement, #containers, #falco

The Falco-gVisor integration means that gVisor users now only need to instrument each host for monitoring, rather than every application, enabling Falco to monitor both containers and nodes.

#attack, #azure

Secureworks researchers analyzed how the protocols used by Pass-Through Authentication (PTA) could be exploited. The result? A compromised PTA agent certificate gives threat actors persistent and undetectable access to a target organization.

#explain, #kubernetes

A recap of some of the interesting new security changes in Kubernetes 1.25.

#build, #kubernetes, #opa

An example on how to use OPA and Gatekeeper to automate security and compliance in Kubernetes.

CloudFox helps you gain situational awareness in unfamiliar cloud environments. It's an open source command line tool created to help penetration testers and other offensive security professionals find exploitable attack paths in cloud infrastructure. You can also refer to the companion blog post.

Constellation is a Kubernetes engine that aims to provide the best possible data security. It wraps your K8s cluster into a single confidential context that is shielded from the underlying cloud infrastructure. Everything inside is always encrypted, including at runtime in memory.

Eraser helps Kubernetes admins remove a list of non-running images from all Kubernetes nodes in a cluster.

Force CloudFormation to generate a tree view for any stack.

AWS announced the general availability of AWS Incident Detection and Response, that offers AWS Enterprise Support customers proactive monitoring and incident management for their selected workloads.

AWS Security Hub has launched a new control for its Foundational Security Best Practice standard (FSBP) to enhance your Cloud Security Posture Management (CSPM).

SNS is launching a public preview of message data protection, a new set of capabilities for Amazon SNS Standard Topics that leverage pattern matching, machine learning models, and data protection policies to help security and engineering teams facilitate real-time data protection in their applications that use Amazon SNS to exchange high volumes of data.

Starting October 11, 2022, at 9:00 AM Pacific Time, public certificates obtained through ACM will be issued from one of the multiple intermediate certificate authorities (CAs) that Amazon manages.

With protection groups, users can customize the scope of DDoS detection for application layer events & accelerate mitigation for infrastructure layer events.

How to set up an Amazon Elastic Kubernetes Service (Amazon EKS) cluster such that the applications hosted on the cluster can have their outbound internet access restricted to a set of hostnames provided by the Server Name Indication (SNI) in the allow list in the AWS Network Firewall rules.

A managed backup and disaster recovery (DR) service for centralized, application-consistent data protection. Protect workloads running in Google Cloud and on-premises.

The Cloud Run documentation now captures Terraform instructions alongside Console, Command Line and YAML. Samples come from the terraform-docs-samples repo.

Metrics from Kubernetes control plane components, including the API server, scheduler, and controller manager, are now Generally Available in GKE.

Google announced the completion of its acquisition of Mandiant. Mandiant will join Google Cloud and retain the Mandiant brand.

Encrypting managed disks with cross-tenant customer-managed keys (CMK) enables you to encrypt managed disks with cross-tenant customer-managed keys using Azure Key Vault hosted in a different Azure Active Directory (AD) tenant.