In just about a week we will be live on stage at BlackHat 2017 with this tersely titled talk: Well that Escalated Quickly! How Abusing Docker API Led to Remote Code Execution Same Origin Bypass and[…]
The Center for Internet Security (CIS) published a new banchmark last week for Kubernetes 1.6. As the adoption of container technologies grows rapidly, orchestrators have become a key enabler,[…]
Last week I presented at the NY Kubernetes meetup on security best practices.
Would you ever give your keys to a stranger? That’s exactly what someone at IBM did: they left private keys to the Docker host environment in IBM’s Data Science Experience service accessible to[…]
If you know that somebody is going to throw a stone at your car’s windshield, then the glass thickness should be proportional to your driving speed (simple physics…).
This is a blog post that Amir and I published on Kubernetes.io.
Kubernetes provides many controls that can greatly improve your application security. Configuring them requires intimate knowledge[…]
Right after DockerCon, I presented at the Kubernetes meetup in Seattle.
Security is the enterprise’s foremost concern on its way to production adoption of container technology. However, security is never a one-off deal, and in the context of the still nascent[…]
A month ago we introduced Peekr, Scalock’s free security scanner for container images.