The FirewallforThe Firewallblogs.thefirewall.org·Dec 11, 2024Secure Automated Container Base Image Hardening and Scanning via Jenkins & PythonIntroduction In the world of modern software development and deployment, containerization has become a cornerstone technology. Containers offer efficiency, consistency, and scalability, allowing applications to run reliably across different computing...containersecurity
Merbin Russelblog.merb.in·Nov 13, 2024Distroless: Balancing Security with PracticalityDistroless images are a type of Docker image designed to be as minimal as possible, containing only the essential components required to run a specific application. Advocates of Distroless claim that this minimalism enhances security by reducing the ...93 readsdistroless
Chetan Mohanrao Mohoddevops-concepts-by-chetan.hashnode.dev·Oct 27, 2024Essential Docker Security Practices Everyone Should KnowIf you're diving into Docker or working with containers, this post is for you. Docker is a powerful tool for building and deploying apps, but security is critical. Let's look at some simple, practical steps to secure your Docker environment. 1. Use ...Docker
Tanishka Marrottcloud-design-diaries.hashnode.dev·Oct 13, 2024Mastering Container Security (Real-Practical Steps for Building Safer, Resilient Workloads)Containerized environments have taken over modern infrastructure, but with great convenience comes even greater security risks. Let’s face it, securing containers isn’t optional—it’s mandatory. And if you’re still deploying containers without giving ...2 likessecure docker file
Tanishka Marrottcloud-design-diaries.hashnode.dev·Oct 12, 2024AppArmor and SELinux for Container SecurityContainers offer flexibility and efficiency, but they also need robust security. That’s where AppArmor and SELinux come in, adding essential layers of control. Let’s dive into these two security modules and see how they help protect containers. Plus,...2 likesSELinux
Yogesh Borudeyogeshb.hashnode.dev·Sep 23, 2024Overview of Kubernetes Network PoliciesKubernetes Network Policies are a set of rules that define how pods in a Kubernetes cluster are allowed to communicate with each other and other network endpoints. These policies enable you to control the flow of network traffic at the IP level, both...network security
Chukwudi Wowothechukwudi.hashnode.dev·Sep 18, 2024Using Dive to analyze Docker ImagesThis lab focuses on the review of docker images for extra or unneeded files to reduce attack surface using Dive. Dive is a layer-aware tool for exploring docker images, layer contents, and discovering ways to shrink the size of your Docker/OCI image....Security Labsdive
Aniket Kurkuteaniket-kurkute.hashnode.dev·Aug 24, 2024Kubernetes RBACRole-Based Access Control (RBAC) is a way in which we can regulate the access to a resource, based on the roles assigned to users, and groups in the organization. The RBAC API has 4 kinds of k8s objects: Role ClusterRole RoleBinding ClusterRoleBi...#ClusterManagement
Gerardo LopezforKubeSkillsblog.kubeskills.com·Aug 23, 2024Unlocking Kubernetes Security: The Risks of Privileged PodsIn Kubernetes, security should always be a top priority. One common pitfall that can lead to serious vulnerabilities is running pods in privileged mode. Understanding why this is dangerous and how to avoid it can significantly enhance the security po...63 readsKubernetes
D V Shashidhar Reddysik2912.hashnode.dev·Aug 21, 2024Securing Kubernetes Workloads with Secrets: A Comprehensive GuideIn the world of container orchestration, Kubernetes stands out as a powerful tool for automating the deployment, scaling, and management of applications. However, with great power comes great responsibility—especially when it comes to managing sensit...36 readsKubernetes
