-
The Practitioner’s Guide to Kubernetes Security
Kubernetes has change the way we deploy and manage containerized applications, enabling scalability and automation in ways we never imagined. However, with great power comes great responsibility. Which means a whole lot more complexity and security challenges. From misconfigured RBAC to exposed APIs, Kubernetes clusters are a prime target for attackers. Securing a Kubernetes environment…
-
The Art and Science of Threat Detection: SIEM and Detection Engineering Essentials
I’ve decided to tie this post and one other on Building an Effective Security Operations Program together instead of posting them weeks apart. I wanted to focus on the high level aspect of building out a proper security operations focused on Detection and Response, but I also felt like we needed to really dig into…
-
Getting burned in the Cloud
It has finally happened to me… I’ve finally made a “mistake” in Azure that costed me money… In my defense the default setting changed, and I didn’t notice it. The goal was to setup some backups in Azure with their cold storage. Pretty simple right? It’s super straightforward and I was up in running in…
-
Annoying Azure Bug
Boy oh boy, did Azure piss me off this time. I’ll start by saying I tend to enjoy working in Azure over the other major cloud providers out there. But it’s fair to say, Azure has PLENTY of quirks. A while back, I was working with a client on a consulting gig I’m doing on…