Curated resources to help you prepare for the CNCF/Linux Foundation CKS 2021 "Kubernetes Certified Security Specialist" certification exam
Read on https://github.com/walidshaari/Certified-Kubernetes-Security-Specialist
Kubernetes API Access Security Hardening
👉 https://goteleport.com/blog/kubernetes-api-access-security
Scheduled backup of Vault secrets with Jenkins on Kubernetes
Read more https://igorzhivilo.com/vault/scheduled-backup-vault-secrets
In this article you will learn how to secure containers with Cosign and Distroless images
Read on: https://infracloud.io/blogs/secure-containers-cosign-distroless-images
Kubernetes Network Policies: a practitioner's guide
More: https://loft.sh/blog/kubernetes-network-policies-a-practitioners-guide
Kubernetes Network Policies Best Practices - this article will talk about security in Kubernetes clusters, traffic incoming and outgoing to/from the cluster, and the traffic within the cluster.
[PDF] Kubernetes Hardening Guidance
👉 https://media.defense.gov/2021/Aug/03/2002820425/-1/-1/1/CTR_KUBERNETES%20HARDENING%20GUIDANCE.PDF
A container security CTF
Read more https://medium.com/@pookiebear/cant-contain-poop-container-security-ctf-e0c2be4b106e
Encrypt your Kubernetes Secrets with Mozilla SOPS
More: https://thorsten-hans.com/encrypt-your-kubernetes-secrets-with-mozilla-sops
Do you want to store your Kubernetes secrets in git? Learn how to encrypt and decrypt your secrets with Mozilla SOPS and Azure Key Vault.
Cross-Account container takeover in Azure Container Instances
👉 https://unit42.paloaltonetworks.com/azure-container-instances
In this post you’ll integrate Kubernetes with Keycloak.
No more sharing KUBECONFIG files and forgetting to export different KUBECONFIG paths!
Read more http://talkingquickly.co.uk/setting-up-oidc-login-kubernetes-kubectl-with-keycloak
OIDC Login to Kubernetes and Kubectl with Keycloak - talkingquickly
Kubernetes security & vulnerability scanning tools: checkov, kube-hunter, kube-bench & Starboard
Read more https://aninditabasak.medium.com/a-lap-around-kubernetes-security-vulnerability-scanning-tools-checkov-kube-hunter-kube-bench-4ffda92c4cf1
Comparing popular Kubernetes security and compliance frameworks, how they differ, when to use, common goals, and suggested tools
Read more https://armosec.io/blog/kubernetes-security-frameworks-and-guidance
Explore how Kubernetes dashboard can be exploited to gain access to a Kubernetes cluster
Read more https://blog.aquasec.com/kubernetes-ui-tools-security-threat
Database security best practices on Kubernetes
Read more https://blog.crunchydata.com/blog/multifactor-sso-authentication-for-postgres-on-kubernetes
Multifactor SSO Authentication for Postgres on Kubernetes
A how-to guide to create a multi-factor (MFA) single-sign on (SSO) authentication system for PostgreSQL on Kubernetes using certificates and passwords.
This article explains how to deploy Keycloak with Infinispan, the in-memory data store for caching user metadata, on a Kubernetes cluster
Read more https://blog.flant.com/ha-keycloak-infinispan-kubernetes
Guidelines for hardening your Kubernetes cluster
Read more https://blog.gitguardian.com/hardening-your-k8s-pt-2
In this second episode, we will go through the NSA/CISA security recommendations and explain every piece of the guidelines.
Forwarded from LearnKube news
Learn Kubernetes on the 20th of January!
Learnk8s is running the first 4-day Advanced Kubernetes course of 2022 next week.
If you're looking to get your hands dirty with Kubernetes, join us for a session packed with labs and demos!
Sign up here: https://learnk8s.io/training
An overview of Fulcio — a community-driven code signing Certificate Authority.
Read more https://chainguard.dev/posts/2021-11-12-fulcio-deep-dive
Forwarded from LearnKube news
How do packets flow inside and outside a Kubernetes cluster?
In this article, you will learn to trace the traffic in your cluster, starting from the initial web request and down to the container hosting the application.
You will learn:
1. How containers in the same pod behave as if they are on the same host.
2. How pods reach other pods in the cluster.
3. How pods reach Services and how Services load balance requests.
https://learnk8s.io/kubernetes-network-packets
Securing LDAP with TLS certificates using ClusterIssuer in Tanzu Kubernetes Grid
Read more https://cormachogan.com/2021/11/24/securing-ldap-with-tls-certificates-in-tkg-v1-4
In this post, I will look at how to secure LDAP communication using TLS certificates with Dex and Pinniped.
How to Secure Your Kubernetes Cluster with OpenID Connect and RBAC
Read more https://dev.to/oktadev/how-to-secure-your-kubernetes-cluster-with-openid-connect-and-rbac-5hic