Tag: Cloud
-
Otomi – PaaS for Kubernetes
Otomi is a platform as a service for Kubernetes. Let's unpack exactly what that breaks down to. For instance, in Kubernetes you're mostly empowered, depending on how you configure your cluster, by numerous plugins/resources. Depending on how you are hosting your cluster, this can be limited to the CSP's native controls but also can…
-
Jenkins in Azure
Jenkins is an open-source automation server that is widely used for continuous integration and continuous delivery (CI/CD) pipelines. It allows developers to automate the building, testing, and deployment of their software applications, making the development process faster and more efficient. Today's post will show how to run this on Azure Virtual Machines and…
-
Istio: The Powerhouse Behind Kubernetes Networking and Security
What is Istio? Istio is a service mesh that enables microservices to interact with each other securely and efficiently. Istio provides a range of capabilities that make it easier to develop, deploy, and manage microservices, including traffic management, service discovery, load balancing, rate limiting, and service-to-service authentication. Why use Istio? Istio provides a range of…
-
AccuKnox in Kubernetes
For today's post I've been wanting to cover more open-source tools that can assist your production operations suite. Enter the policy enforcement tool known as AccuKnox. What is AccuKnox? In a nutshell, this tool provides policy enforcement, and the components that make up this tool can be used with Cilium as the CNI and adds a…
-
Google Kubernetes Engine Up and Running in GCP
How to Get Started with Google Kubernetes Engine on GCP Kubernetes is an open-source system for automating the management of containerized applications. It groups containers that make up an application into logical units for easy management and discovery. Google Kubernetes Engine (GKE) is a hosted version of Kubernetes that runs on the Google Cloud Platform…
-
How to Encrypt Secret Data at Rest in Kubernetes
Data encryption is a process of transforming readable data into an unreadable format. This is done in order to protect the data from unauthorized access. Data encryption at rest refers to the process of encrypting data when it is not being used, such as when it is stored on a disk or backup storage system.…
-
Static Analysis and Integrating this in DevSecOps strategy
Static analysis of user workloads, such as Kubernetes resources and Dockerfiles, is a key aspect of DevSecOps. By analyzing these resources before they are deployed, organizations can identify potential security vulnerabilities and issues that could compromise the integrity of their systems. One way to perform static analysis is through the use of static analysis tools.…
-
Kubesec by Control Plane for Kubernetes Static Analysis
Kubesec is a tool used to scan your static workloads and suggest improvements that can harden your existing workloads; being aware of the findings is one step in increasing your security posture. For this example we will be consuming this resource through the HTTPS method had…
-
Defender for Cloud (Cloud Security in Azure)
Defender for Cloud was a rebranding of Azure Security Center and is the premier offering from Microsoft Azure as a control plane for security and visibility in Azure. While this is a small view of the dashboard, you can see the experience has changed in Azure, AWS and GCP; as of recently you can now…
-
Q1 2022 Recap – Future
This year kicked off with high velocity. First, in terms of work, I've entered into a new role that expanded my footprint in consulting and really fit my background; more on that later. For this post I'm going to focus on the goals that are laid out for the year; obviously it's apparent that adoption…