Early last year, I wrote “On Establishing a Cloud Security Program”, outlining some advice that can be undertaken to establish a cloud security program aimed at protecting a cloud native, service provider agnostic, container-based offering. The result can be found in a micro-website which contains the list of controls that can be rolled out to establish such cloud security program: A Cloud Security Roadmap Template.

Following that post, one question I got asked was: “That’s great, but how do you even know what to prioritize?”

CVE-2022-0847 (aka “Dirty Pipe”) was released earlier this week (2022-03-07).

This blog aims to provide a quick summary and actionable advice for defenders of cloud environments and those teams who are asked to determine its impact on their company’s infrastructure.

As you might have heard, at the end of January Docker started enforcing the license changes that were announced in August 2021.

Therefore, it was a good time to re-evaluate my setup (overall, I’ve been using Docker Desktop since I started learning about containers in 2017).

In this post, I’m going to document my setup, and how I’ve decided to replace Docker Desktop with minikube on my MacBook.

Back in April, I saw a post on the Cloudflare tech blog which explained how Auditable Terminal gives you a fully featured SSH client in your browser: you authenticate using Cloudflare Access, and can log into a computer - and get a terminal - just using a browser.

The post made me curious, but at the time I didn’t have capacity to look into it. Until now, when I decided to give it a go for my home lab.

Today I want to talk a bit about a side project I’ve been working on for a while, but never actively publicised it.

As a security engineer I often like to test new tools and technologies related to Kubernetes, but I realised I didn’t have a proper environment to do so.