Category: Blog
-
How to Encrypt Secret Data at Rest in Kubernetes
Data encryption is a process of transforming readable data into an unreadable format. This is done in order to protect the data from unauthorized access. Data encryption at rest refers to the process of encrypting data when it is not being used, such as when it is stored on a disk or backup storage system.…
-
AKS and Prometheus
What is Prometheus? Prometheus is an open source monitoring system which was originally built by SoundCloud. It is now a part of the Cloud Native Computing Foundation. Prometheus scrapes metrics from configured targets at given intervals, evaluates rule expressions, displays the results, and can trigger alerts if some condition is met. Azure Kubernetes Service (AKS)…
-
How to Enable Audit Logging on a Kubernetes Cluster
How to Enable Audit Logging on a Kubernetes Cluster In this blog post, we’ll show you how to enable audit logging on a Kubernetes cluster. Audit logging is a valuable tool for understanding what’s happening on your cluster, and can be used to troubleshoot issues or investigate potential security problems. We’ll cover what audit logging…
-
How to Find the Best Cloud-Native Jobs in an Ever-Changing Economy
How to Find the Best Cloud-Native Jobs in an Ever-Changing Economy As the world economy continues to change and evolve, so too do the types of jobs that are in demand. One of the most rapidly growing areas in the job market today is cloud-native jobs. Cloud-native jobs refer to positions that make use of…
-
Falco up and running in Kubernetes
Previously we wrote on using AppArmor in Linux that is native to Linux what about detection of system calls that can happen from Linux? These are a good area to monitor and can be used in conjunction with other tools like Tracee by Aqua Security as well for more data to identify alerts. In summary…
-
AppArmor in Kubernetes Linux Security Modules
Linux security modules are kernel extensions that allow the kernel to enforce certain security policies on the system. One such security module is AppArmor, which is a mandatory access control system that allows system administrators to specify which programs can access which resources on the system. It is typically used to protect against malicious software…
-
Static Analysis and Integrating this in DevSecOps strategy
Static analysis of user workloads, such as Kubernetes resources and Dockerfiles, is a key aspect of DevSecOps. By analyzing these resources before they are deployed, organizations can identify potential security vulnerabilities and issues that could compromise the integrity of their systems. One way to perform static analysis is through the use of static analysis tools.…
-
Azure Kubernetes Fleet Manager (First Look)
Azure Kubernetes Fleet Manager is a product that makes it easier to manage and scale a fleet of Azure Kubernetes Service (AKS) clusters. It allows users to deploy and manage multiple AKS clusters across various environments and regions, all from a single pane of glass. This simplifies the process of managing and maintaining large-scale container-based…
-
OPA in Kubernetes and Policies Playground
Open Policy Agent is a project that uses rego files to enforce policies on your kubernetes cluster while v1.26 is starting to roll out some features in beta that are more native to kubernetes. You have many pluggable options to use such as gate-keeper/kyverno are most notable in this space again this will serve as…
-
Kubescape (KSPM) Open Source
Kubernetes Security Posture Management shouldn’t be thought of as your CSPM but is typically a part of the scoring system depending on what type of security solutions you have in place. Kubernetes Security Posture Management focus on your clusters deployed either in a on-prem scenario or cloud along with management of the nodes and containerized…