Docker SBOM: Keeping a Check on Security Risks
Understand SBOM and how Docker SBOM generates a list of the software in container images to prevent any threat. The Log4j vulnerability and the SolarWinds supply chain attack have made us realize that software supply chains are at great risk of being targeted by attackers. The Docker SBOM helps detect these risks. Software supply chain security comprises everything required to build, deliver […]
Kubernetes native network policies from zero to hero!
Kubernetes native network security policies by example. The Kubernetes network model is a “flat” network design. This means that all pods on one node can communicate freely with all pods on all the other nodes without being address translated or blocked. The networking is implemented by a CNI (Container Networking Interface). Examples of popular CNIs are Cilium, Calico, […]
How to TCPdump in Kubernetes!
An introduction and references for tcpdump troubleshooting in Kubernetes.
How to TCPdump effectively in Docker!
An introduction and references for tcpdump troubleshooting in Kubernetes.
Learning about Linux namespaces in #docker and #kubernetes!
A practical walkthrough exploring namespaces in relation to Docker and Kubernetes. As you probably know, containers running on the same host share the Linux kernel. That’s why a container image does not contain a kernel, only the software and tools that make up a distro, such as a package manager. So, if containers share […]
Securing Kubernetes with Kyverno
Introduction to Kyverno and exploring some of its security policies for Kubernetes. In recent times, Kubernetes has become the default standard for managing containers at scale. It can be configured and installed in N different ways, which is good in terms of flexibility but can make configuring security a nightmare. If security is not configured in the right […]