Stackrox

In this article I look at some approaches to "tame" OpenShift audit and event data, and show how you can use Red Hat Advanced Cluster Security for Kubernetes (RHACS) to create immediate alerts from OpenShift audit events.

Red Hat Advanced Cluster Security for Kubernetes (RHACS) v4.4 introduces a new container image scanning capability, Scanner V4. This article takes a closer look at Scanner V4 and how it compares with the existing RHACS scanning capability.

Core to any DevSecOps program is measurement and metrics. How many releases did we perform this week? How did that compare with last week? What was the lead time for changes? In this article I want to introduce a new metric for DevSecOps adoption, and how we can start to measure this throughout the cloud-native application lifecycle.

A deep dive into Red Hat Advanced Cluster Security for Kubernetes (RHACS), Red Hat Security Advisories (RHSAs), and Common Vulnerabilities and Exposures (CVEs). No mention of lions, tigers, or bears.

A couple of months ago I wrote an article on StackRox and another open source project, GTFOBins. The first article looked at identifying GTFOBins components during development, and this article looks at identifying GTFOBins execution inside containers at runtime.

A few weeks I wrote an article on 'Living off the Land' and containers. GTFOBins is an open source project tracking binaries that could be used to support a 'Living off the Land' strategy, and this article explores integrations with StackRox.

Sigstore and StackRox are open source projects helping to address security challenges. Sigstore looks at the software supply chain, and StackRox at Kubernetes-native security models - what do they look like together?