This week's articles
Integrating threat modeling with DevOps
Reflections on how it is possible to adopt threat modeling more effectively and efficiently, integrating it with modern DevOps methodologies and tools, and focusing on the value provided to all the various actors involved with the Software Development Lifecycle.
#strategy
threatmodel-for-azure-storage
A library of all the attack scenarios on Azure Storage, and how to mitigate them following a risk-based approach.
#azure
#defend
Restricting cluster-admin Permissions
The cluster-admin ClusterRole gives the user access and permission to do all operations on all resources in the cluster. What if we need to block an action performed by cluster admins? We can't do it with RBAC, it only allows for adding of permissions, not taking them away.
#defend
#iam
#kubernetes
|