Kubernetes

Kubernetes Authentication

There are 3 steps that Kubernetes uses to enforce security access and permissions: Authentication, Authorization and Admission. In this article we are going to consider Authentication first. [Figure: The Authentication, Authorization and Admission Control Process] The first thing in Authentication is Identity. Identity: Kubernetes assumes that 'users' are managed outside of Kubernetes:...

Docker

Trapping Hackers with Containerized Deception

TL;DR: This article explores modern honeypots that leverage containerization by walking through the design of a high-interaction honeypot that can use arbitrary Docker containers to lure malicious attacks. Introduction: While honeypots have been around for a very long time, this article will attempt to...

Kubernetes

Deploying Secure Firecracker MicroVMs on K8s using Weave FireKube

Introduction: At their 2018 annual Re:Invent conference, AWS announced an exciting new product called "Firecracker" that is quickly setting the cloud-native ecosystem on fire. Firecracker is a Virtual Machine Manager (VMM) exclusively designed for running transient and short-lived processes. In other words, it is optimized for running functions and serverless...

Kubernetes

Trusted Repositories and Container Registries in Kubernetes

In this topic, we will consider some of the key capabilities of trusted repositories and container registries. We will cover secure authentication, scanning and signing of content as necessary practices that ensure a secure Kubernetes environment. In order to establish a deployment of a Kubernetes cluster and application workloads into that...

AWS

Part 1: Kubernetes AWS Resource Access: kube2iam

Introduction: One of the major benefits of using containers for applications, and Kubernetes for their orchestration, is that you can get the most out of the underlying virtual machines. This, however, gives rise to a unique problem of managing access for Pods to various AWS services. For example: A Kubernetes node...

Docker

Advanced Docker Security with AppArmor

So you have your Docker containers deployed, which in turn are hosting critical applications of your organization? Great! So far, so good! In the interest of the organization, it remains crucial to keep not only the containers but also the hosted applications protected from security threats. By default, a...
