Pinned | Noah | An Intro to Kubernetes Hardening. | Securing Kubernetes requires an understanding of many moving parts. This intro discusses the most important concepts for its defence. | Jan 6
Pinned | Noah | Hypercomputation and the Limits of Computing. | We have proven physical limits on precision, speed and energy, but are yet to bound computability. | Apr 30, 2023
Noah | Kubernetes Security: eBPF & Tetragon for Runtime Monitoring & Policy Enforcement | Exploring eBPF for runtime visibility into Kubernetes workloads with Tetragon. | Sep 28
Noah | The Containerization Tech Stack | Understanding Docker, OCI, Runtimes, Namespaces, gVisor, Kata and Confidential Containers. | Jul 22
Noah | Kubernetes Network Security: Exploring Cilium and Istio Implementations | Comparing the designs of Cilium and Istio — both popular service mesh choices. | Jun 23
Noah | Kubernetes Security Tools: Falco | Falco, the go-to for real-time Kubernetes threat detection. | May 5
Noah | Kubernetes Security Tools: OPA Gatekeeper & Trivy | OPA Gatekeeper and Trivy are important Kubernetes security tools for admission control and to limit vulnerabilities and misconfigurations. | Mar 12
Noah | Kubernetes Security Tools: Seccomp & AppArmor | Seccomp and AppArmor are common Linux security modules which Kubernetes supports to control workload exposure to the kernel. | Mar 6
Noah in AWS in Plain English | The Issue with Security Groups for EC2 Instance Isolation. | Security groups are commonly used to isolate instances as part of incident response. However, such solutions are not perfect. | Mar 2
Noah | A Kubernetes Pentesting Checklist. | Attacking the Kubernetes control plane, RBAC, EKS and more. | Feb 4