Category: Blog

Today I felt like we should take a more tailored approach to some security features in general that also tie into kubernetes security specialist exam. Verifying platform binaries So for today I wanted to take a dive into the tool Kube-Score this will be running on my local microk8s cluster and I had to actually…

Container runtimes what are they and what are the risk of choosing them on our nodes we want our workloads to run? How are we able to have choices that can still run in a desired format? For starters it’s likely you’ll explore this concept if your going under the surface of what runs in…

Certified Kubernetes Administrator is the premier certification in my opinion if your in DevOps its likely you’ll come across this technology and cross the linux foundation in your OSS studies. Given that this exam was a pain in the rear so to speak taking multiple times I felt like I could at least write a…

It’s no secret the pluggable nature of Kubernetes unlocks limitless potential for instance, the Container Network Interface is changeable and depends on the CSP you’re running this if its PaaS. What does all that mean? Essentially if your needs can’t be met with out of the box kubenet (traditional) you’ll like start shopping around of…

Containers are a portable lightweight way to package your application with the underlying OS being a tiny image, but like anything with new innovation is also a external attack surface. Using documentation from docker as reference in a Dockerfile listed below with annotations So how do we look at containers for security? Container image scanning…

Many customers that I’ve been advising constantly are challenged with how much access should be restricted without disruption to business operations. Typically, when we’re approaching Zero-Trust a backbone of Azure is Azure AD that sits as the IdP. In this I’m going to show some features that I find many customers unaware of in Conditional…

From a graphical standpoint its easy to see the control plane as being multiple components the idea of microservices is splitting these services up to be infrastructure independent and for the most part it is important to understand this as you’re organization is considering moving to kubernetes. Multiple approaches to adoption can be determined by…

Certified Kubernetes Administrator has been on my mind for the last year but I didn’t have enough time to start on the curriculum due to other vouchers I had were expiring so now I found myself with one month to burn a CKA + CKS Bundle. This was in the back of my mind but…

You’re likely wondering how are microservices orchestration services secured and what tools do exist to give us visibility. The biggest concern I see with many that have moved to cloud without proper strategies such as CAF and establishing Governance/Security as code prior to the leap, is visibility. How are my services actively exposed? Aqua Security…