Over the last few months I have been busily building out the Kacti open source project. This is an intro to the project, its goals and roadmap, and a quick-start tutorial.
The Center for Internet Security (CIS) Benchmarks provide a system hardening profile for servers and applications. What parts of the benchmark apply to containers? And how do we use them?
A deep dive into Red Hat Advanced Cluster Security for Kubernetes (RHACS), Red Hat Security Advisories (RHSAs), and Common Vulnerabilities and Exposures (CVEs). No mention of lions, tigers, or bears.
A couple of months ago I wrote an article on StackRox and another open source project, GTFOBins. The first article looked at identifying GTFOBins components during development, and this article looks at identifying GTFOBins execution inside containers at runtime.
A few weeks ago I wrote an article on 'Living off the Land' and containers. GTFOBins is an open source project tracking binaries that could be used to support a 'Living off the Land' strategy, and this article explores integrations with StackRox.
Sigstore and StackRox are open source projects helping to address security challenges. Sigstore looks at the software supply chain, and StackRox at Kubernetes-native security models - what do they look like together?
A recent Microsoft threat intelligence report called attention to "living off the land" techniques. I thought it would be interesting to see how containers and containerised applications inherently help to mitigate these techniques.
Sigstore is an open source project enabling anyone to sign and validate software releases, including container images. This article takes a closer look at Sigstore and some of the innovation happening around the project.
Many organisations take the same approach to securing virtual machines, which I call 'Access & Agents'. While effective for virtual machines and other legacy infrastructure, this approach doesn't translate across to containers and Kubernetes, and this article looks at why.
How do you protect your threat intelligence sharing platform from compromise? Read on to learn how SELinux and podman can support a containerised MISP deployment.