Almost five years ago (which is wild to think about) I set out on a journey. That journey has resulted in amazing times, times of tragedy, incredibly depression, and months where there didn’t appear to be any way to come up for air (or any reason to want to). During this time, I grew a […]
In this short article, you’ll learn a few key team definitions for any organizations trying to implement a proper security practice. Blue Team When you implement a Blue Team within your organization, it’s all about defense. This is the typical team that organizations will start out with. If you see a SOC within an environment
3 Security Teams To Think About Implementing For Your Organization Read More »
There’s only one way to secure a Kubernetes cluster from an application stack (Deployments, Pods, ConfigMaps, Secrets, etc etc.) perspective, and that’s to see and understand an exploit. Otherwise, it’s all just theoretical, which is why it’s so important for everyone in security (including blue team) to understand how attacks work, pentesting, and vulnerabilities. In
PURPOSELY Exploiting A Kubernetes Cluster Read More »
By default, Kubernetes clusters are not secure in the slightest. Everything from: Not being forced to set SecurityContexts. The default Service Account is used to create Pods if you don’t manually set a new one. NetworkPolicies aren’t enforced. And A LOT more. One of the biggest issues is the use of tokens. In fact, it’s
Exploiting (Pentesting) An AWS EKS Cluster Read More »
In this blog post, you’ll learn about what AppSec (Application Security) is, what you need to break into AppSec, various AppSec tools, AppSpec terminology, and why it’s exciting. What’s AppSec? AppSec (Application Security) is the process of finding, fixing, and preventing security issues at the code or API (or both) level. The goal with AppSec
AppSec: The Security Specialty That Rules Them All Read More »
There have been several reports over the years from organizations like Red Hat and various security research firms and independent engineers that give us a few statistics. Two that are crucial to understand are: 93% of organizations suffer from a Kubernetes-related security risk. 55% of the security risks are due to misconfigurations. A misconfiguration could
Attacking A Kubernetes Cluster (Enter Red Team Mode) Read More »
Just about every security issue is due to a misconfiguration. Think about it – security bugs are always due to some misconfiguration at the code level. Breaches are always due to some bad authentication/authorization protocol, a bug, or some vulnerability (and the vulnerability is due to a misconfiguration as well). With Kubernetes, it’s no different,
Implementing Kubernetes Pod Security Standards Read More »
Whether you’re in the game of automation/scripting or software engineering, there’s a typical question that you’ll ask yourself. “Why this language?”. The answer could be a combination of things. Sometimes it’s proper libraries for what you’re trying to build. Other times it’s what the team is comfortable with. All said and done, a programming language
Why Python Is Good For Cybersecurity Read More »
Cybersecurity is arguably the “coolest” IT-style job role in 2024 (others may put cloud-native in that category). Because of that, many engineers are trying to get into it and they think they can get into it quick. In fact, you’ll even see colleges tell you that you can take a course and get into cybersecurity
What You ACTUALLY Need To Know For A Cybersecurity Job Read More »
Despite the innovation in the tech space from mainframes to servers to virtualization to cloud to Kubernetes, one thing holds true – resources are resources. Memory is memory. CPU is CPU. Storage is storage. These are resources that engineers still have to think and care about because, regardless of where you’re running workloads, these resources
Impacts Of Not Setting Requests, Limits, and Quotas Read More »