This week's articles
Policy Language Security Comparison
Trail of Bits completed a comparative security assessment of authorization policy languages: Cedar, Rego, and the OpenFGA modeling language.
#explain
#opa
Noisy Neighbor Detection with eBPF
This article discusses Netflix's use of eBPF to detect noisy neighbors in cloud environments. It explains their custom solution for identifying CPU-hogging processes and mitigating their impact on shared resources, improving overall system performance and reliability.
#build
Kubernetes CRD generation pitfalls
A blog post on pitfalls learned over the years while generating Kubernetes Custom Resources with "controller-gen", and how to do more rigid validation and defaulting with it.
#build
#kubernetes
Privilege Elevation in Entra ID: UnOAuthorized
This article discusses how attackers can exploit Microsoft applications to gain unauthorized privilege elevation in Active Directory environments, highlighting risks and providing mitigation strategies for administrators to protect against such threats.
#attack
#azure
CloudGoat Official Walkthrough Series: glue_privesc
This blog post walks through one of the newest CloudGoat scenarios, glue_privesc, where you will attempt to move through an AWS environment and perform privilege escalation against the Glue service in order to capture the flag.
#attack
#aws