Phishing-resistant multi-factor authentication is a critical security control in 2024, and this article takes you through configuring it for OpenShift with Keycloak.
Over the last few months I have been busily building out the Kacti open source project. This is an intro to the project, its goals and roadmap, and a quick-start tutorial.
A deep dive into Red Hat Advanced Cluster Security for Kubernetes (RHACS), Red Hat Security Advisories (RHSAs), and Common Vulnerabilities and Exposures (CVEs). No mention of lions, tigers, or bears.
A couple of months ago I wrote an article on StackRox and another open source project, GTFOBins. The first article looked at identifying GTFOBins components during development, and this article looks at identifying GTFOBins execution inside containers at runtime.
The OpenShift release image is a critical component of the software supply-chain for OpenShift. In this article I want to take a closer look at the release image, and how it's verified.
A few weeks ago I wrote an article on 'Living off the Land' and containers. GTFOBins is an open source project tracking binaries that could be used to support a 'Living off the Land' strategy, and this article explores integrations with StackRox.
Application control seems to be one of those elusive security controls that organisations spend years chasing. How can we validate which processes are authorised to run on a system, and then enforce this?