サクサク読めて、アプリ限定の機能も多数!
トップへ戻る
猫
blog.aquasec.com
Starboard: The Kubernetes-Native Toolkit for Unifying Security There are lots of security tools in the cloud native world, created by Aqua and by others, for identifying and informing users about security issues in Kubernetes environments. However powerful and useful they might be, they tend to sit alongside Kubernetes, with each new product requiring users to learn a separate set of commands and
Tracee, by Aqua Security, is an open source, lightweight, and easy to use container and system tracing utility. Tracee allows you to trace events that were generated within containers only, without needing to filter out other system processes. Tracee is powered by eBPF technology. eBPF enables users to run programs that help with the observability of the system. In this blog post I will discuss wh
The premise of DevSecOps is that in the Software Development Life Cycle (SDLC), each member is responsible for security. This unifies the operations and development teams in terms of security operations. DevSecOps’ goal is to add security to each step of the development process by integrating security controls and processes as early as possible in the DevOps process. In this post, I’ll describe ho
This week at Velocity Berlin, I’ll be giving a talk called A Beginner’s Guide to eBPF. To coincide with it, we’re opening up a new Aqua Security open source project called Tracee, which uses eBPF to trace events in containers. This isn’t something that most developers need to do on a day-to-day basis, but for those of us interested in the details of implementing container security, this can be a h
In this post I’ll describe how an attacker, who manages to run malicious code on a cluster can, with no special permissive permissions, successfully spoof DNS responses to all the applications running on the cluster, and from there execute a MITM (Man In The Middle) on all network traffic of pods. Before we get into the attack scenario, let’s understand how Kubernetes intra-node networking works.
Like many of you working in Docker-space, over time I’ve come across a ton of third-party tools that improve management, cleanup, orchestration, development and other container processes. I’ve compiled a list of (I think) some of the lesser-known tools that I have found to be particularly useful and easy to use, and sometimes better than equivalent, more well-known tools. Orchestration You’ve prob
このページを最初にブックマークしてみませんか?
『blog.aquasec.com』の新着エントリーを見る
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く