Peirates, a Kubernetes penetration tool, enables an attacker to escalate privilege and pivot through a Kubernetes cluster

Read on https://github.com/inguardians/peirates

Quick update!
We’ve updated the Kubernetes troubleshooting flowchart to include translations in Spanish, Mandarin, Korean and Portuguese. Many thanks to @elnemesisdivina @yorchveintemil @usernametoken Marcelo & Hoon Jo! 👏👏👏

You can download the poster here: https://learnk8s.io/troubleshooting-deployments

Kubestriker is a platform-agnostic tool designed to tackle Kubernetes cluster security issues due to misconfigurations and will help strengthen the overall IT infrastructure of any organisation

→ https://github.com/vchinnipilli/kubestriker

Curated resources help you prepare for the CNCF/Linux Foundation CKS 2021 "Kubernetes Certified Security Specialist" Certification exam

Read on https://github.com/walidshaari/Certified-Kubernetes-Security-Specialist

Kubernetes API Access Security Hardening

👉 https://goteleport.com/blog/kubernetes-api-access-security

Scheduled backup of Vault secrets with Jenkins on Kubernetes

Read more https://igorzhivilo.com/vault/scheduled-backup-vault-secrets

In this article you will learn how to secure Containers with Cosign and Distroless images

Read on: https://infracloud.io/blogs/secure-containers-cosign-distroless-images

Kubernetes Network Policies: a practitioner's guide

More: https://loft.sh/blog/kubernetes-network-policies-a-practitioners-guide

[PDF] Kubernetes Hardening Guidance

👉 https://media.defense.gov/2021/Aug/03/2002820425/-1/-1/1/CTR_KUBERNETES%20HARDENING%20GUIDANCE.PDF

A container Security CTF

Read more https://medium.com/@pookiebear/cant-contain-poop-container-security-ctf-e0c2be4b106e

Encrypt your Kubernetes Secrets with Mozilla SOPS

More: https://thorsten-hans.com/encrypt-your-kubernetes-secrets-with-mozilla-sops

Cross-Account container takeover in Azure Container Instances

👉 https://unit42.paloaltonetworks.com/azure-container-instances

In this post you’ll integrate Kubernetes with Keycloak.
No more sharing KUBECONFIG files and forgetting to export different KUBECONFIG paths!
Read more http://talkingquickly.co.uk/setting-up-oidc-login-kubernetes-kubectl-with-keycloak

Kubernetes security & vulnerability scanning tools: checkov, kube-hunter, kube-bench & Starboard
Read more https://aninditabasak.medium.com/a-lap-around-kubernetes-security-vulnerability-scanning-tools-checkov-kube-hunter-kube-bench-4ffda92c4cf1

Comparing popular Kubernetes security and compliance frameworks, how they differ, when to use, common goals, and suggested tools
Read more https://armosec.io/blog/kubernetes-security-frameworks-and-guidance

Explore how Kubernetes dashboard can be exploited to gain access to a Kubernetes cluster
Read more https://blog.aquasec.com/kubernetes-ui-tools-security-threat

Database security best practices on Kubernetes
Read more https://blog.crunchydata.com/blog/multifactor-sso-authentication-for-postgres-on-kubernetes

This article explains how to deploy Keycloak with Infinispan, the in-memory data store for caching user metadata, on a Kubernetes cluster
Read more https://blog.flant.com/ha-keycloak-infinispan-kubernetes

Guidelines for hardening your kubernetes cluster
Read more https://blog.gitguardian.com/hardening-your-k8s-pt-2

Learn Kubernetes on the 20th of January!

Learnk8s is running the first 4-day Advanced Kubernetes course of 2022 next week.

If you're looking to get your hands dirty with Kubernetes, join us for a session packed with labs and demos!

Sign up here: https://learnk8s.io/training

An overview of Fulcio — a community-driven code signing Certificate Authority.
Read more https://chainguard.dev/posts/2021-11-12-fulcio-deep-dive