Moving into a new (cloud) neighbourhood? Check its reputation!
Your shiny new cloud instances might be tarnished by the reputation of the last tenant.
Use Shodan to check, and Greynoise to see if its above the norm.
And above all, don’t panic!
Docker Hub Hack: Secure Your Supply Chain
Docker hub loses account info, deploy tokens for github + bitbucket. Supply chain security chaos should ensue. Or are we now too blase? Its not me, right?
That’s the kind of password an idiot uses on luggage: cloud security
Passwords. bits of plain text that end up everywhere in automated systems. etcd. A `secure` way to share secrets. The Internet. A place that everything is guaranteed to end up. This is a toxic brew, read on!
The naked cloud: elasticsearch is stretch but doesn’t cover security
Wide open elasticsearch on the Internet. Its common. The user usually believes since they use private IP (NAT) they are protected. Wrong.
Security of the upstream code, and, the importance of the egress firewall
Bad code can come in through our own import statements and software process. Do you run an egress firewall to protect the world from yourself?
Static Application Security Testing (SAST) and Nodejs (with Gitlab CI)
Gitlab is an excellent continuous integration platform. Adding static application scanning (SAST) makes it better. Lets try without making changes to the container under test.
Suffering sisyphean security solutions: make your chrome part of the solution
Use your desktop chrome to find software with security flaws on the sites you visit. And then fix (if your own) or notify (if not). Be part of the security solution.
Recent Comments