PinnedAn Intro to Kubernetes Hardening.Securing Kubernetes requires an understanding of many moving parts. This intro discusses the most important concepts for its defence.Jan 64Jan 64
PinnedHypercomputation and the Limits of Computing.We have proven physical limits on precision, speed and energy, but are yet to bound computability.Apr 30, 2023Apr 30, 2023
Kubernetes Security: eBPF & Tetragon for Runtime Monitoring & Policy EnforcementExploring eBPF for runtime visibility into Kubernetes workloads with Tetragon.Sep 28Sep 28
The Containerization Tech StackUnderstanding Docker, OCI, Runtimes, Namespaces, gVisor, Kata and Confidential Containers.Jul 22Jul 22
Kubernetes Network Security: Exploring Cilium and Istio ImplementationsComparing the designs of Cilium and Istio — both popular service mesh choices.Jun 23Jun 23
Kubernetes Security Tools: OPA Gatekeeper & TrivyOPA Gatekeeper and Trivy are important Kubernetes security tools for admission control and to limit vulnerabilities and misconfigurations.Mar 12Mar 12
Kubernetes Security Tools: Seccomp & AppArmorSeccomp and AppArmor are common Linux security modules which Kubernetes supports to control workload exposure to the kernel.Mar 6Mar 6
Published inAWS in Plain EnglishThe Issue with Security Groups for EC2 Instance Isolation.Security groups are commonly used to isolate instances as part of incident response. However, such solutions are not perfect.Mar 2Mar 2
A Kubernetes Pentesting Checklist.Attacking the Kubernetes control plane, RBAC, EKS and more.Feb 4Feb 4
