This week's articles
State of Kubernetes Security Report
The State of Kubernetes Security Report examines how companies are adopting Kubernetes, containers, and cloud-native technologies while meeting the challenges of securing their Kubernetes applications.
#kubernetes
#strategy
Announcing the results of Istio's first security assessment
The assessment evaluated Istio's architecture as a whole for security related issues with focus on key components like istiod (Pilot), Ingress/Egress gateways, and Istio's overall Envoy usage as its data plane proxy. An important conclusion from the report is that the auditors found no "Critical" issues within the Istio project.
#kubernetes
#istio
Windows Container Forensics
Post detailing both the research process and useful findings about Windows containers. It primarily focuses on the filesystem layers and does not cover containerised registry hives.
#docker
#forensics
AWS Incident Response Playbook Samples
A collection of playbooks covering several common scenarios faced by AWS customers. They outline steps based on the NIST Computer Security Incident Handling Guide, that can be used to gather evidence, contain and then eradicate the incident, recover from the incident, and conduct post-incident activities.
#aws
#defend
File Permissions: the painful side of Docker
The whole issue with file permissions in docker containers comes from the fact that the Docker host shares file permissions with containers (at least, in Linux).
#docker
#explain
|