Security

Wednesday – August 21, 2019

How VPN automation ended up becoming a single sign-on server — Part 1

What started as a short-term hack ended up being an open-source project that’s now used across Go-Jek. This was a great lesson …

Thursday – August 8, 2019

bitnami-labs/sealed-secrets

SealedSecret is a Kubernetes controller and tool for one-way encrypted Secrets. Encrypt your Secret into a SealedSecret, which is safe to store …

Friday – August 2, 2019

A Technical Analysis of the Capital One Hack

The disclosure of yet another cloud security misconfiguration leading to the loss of sensitive personal information came with a bit more information …

Monday – July 29, 2019

How SAML 2.0 Authentication Works

At its core, Security Assertion Markup Language (SAML) 2.0 is a means to exchange authorization and authentication information between services. SAML is …

Wednesday – July 17, 2019

[jedisct1/dsvpn] A Dead Simple VPN.

DSVPN is a Dead Simple VPN, designed to address the most common use case for using a VPN. DSVPN works pretty much …

Thursday – May 9, 2019

CVE – CVE-2019-5021

Common Vulnerabilities and Exposures (CVE®) is a list of entries  (each containing an identification number, description, and at least one public reference) …

Saturday – May 4, 2019

Security flaws in 100+ Jenkins plugins put enterprise networks at risk | ZDNet

A security researcher has found and reported security flaws in more than 100 different Jenkins plugins over the last 18 months. Despite …

Wednesday – April 10, 2019

A Peek Into the Toolkit of the Dangerous Triton Hackers

Two customers hired FireEye to investigate intrusions on their networks: the Petro Rabigh oil refinery, temporarily shut down by Triton in Saudi …

Thursday – March 14, 2019

Build Container Images In Kubernetes with Kaniko

Build Container Images In Kubernetes. `kaniko` is a tool to build container images from a Dockerfile, inside a container or Kubernetes cluster. …

Tuesday – March 12, 2019

Chamber by Segment.io

Chamber is a tool for managing secrets on the command line. It works by storing secrets in SSM Parameter Store, an AWS …