🐸 A quick catch up with Kristian Taernhed, who works with NGINX to evaluate and develop solutions our customers can jointly use. 🎤 Amongst all of the AI talk, Kristian highlights the runtime security that jfrog announced this week. 💚 Kristian has also been looking at NGINX One and how the newly introduced capabilities will be able to fit into the JFrog ecosystem for deployment and security capabilities! Alan Kao Stuart Shader Damian Curry #swampUP #DevSecOps #DevOps F5 F5 DevCentral
Buu Lam’s Post
More Relevant Posts
-
New room Container Hardening from TryHackMe: Learn how to implement the mechanisms designed to secure your Docker containers. 🔥 Many things you can learn in this room, it will be good if it has more labs, but it just has 1. 🔥 Protecting the Docker Daemon: docker context, SSH, TLS Encryption 🔥 Implementing Control Groups: --cpus, --memory 🔥 Preventing "Over-Privileged" Containers: Capabilities 🔥 Seccomp & AppArmor 101: Seccomp was new for me, I am used to AppArmor 🔥 Reviewing Docker Images: Docker Hub 🔥 Compliance & Benchmarking (NIST SP 800-190, ISO 27001,CIS Docker Benchmark, OpenSCAP, Docker Scout...etc) 🔥 Lab / Practical: using Grype vulnerability scanner https://lnkd.in/du_4BizA #docker #containers #containerization #ssh #apparmor #seccomp #tryhackme
-
-
This informative video clearly demonstrates the significance of the new user namespace (beta) feature in Kubernetes, effectively illustrating its impact on the platform's security and user management capabilities. #K8S #Kubernetes https://lnkd.in/daEfJee4
Mitigation of CVE-2024-21626 on Kubernetes by enabling User Namespace support
https://www.youtube.com/
-
See how Karpenter using spot instances can take the heavy lifting out of Kubernetes autoscaling. Brent Eager, CISSP shares how you can reduce the time to get nodes added to your EKS cluster with Karpenter and if there’s a notable difference when using spot vs on demand instances, along with other practical tips to design your applications for performance and cost optimization. 📺 https://lnkd.in/eH8vedKV
-
I've been getting into the world of K8s these days. Started with a lot of reading, and now setting up my own personal cluster! As part of my exploring, I want to share my findings, workflows and work arounds. Check out this post on a not-so-well-documented workflow I've implemented, using DNS01 validation for Non-Wildcard domains using LetsEncrypt and Cloudflare, on Kubernetes!
Setup DNS01 Validation With Non-Wildcard Domains and Sub-Domains Using cert-manager, LetsEncrypt…
link.medium.com
-
🔥 Solo Founder 🤖 Building an AI powered, no code, SAAS Builder 🚀 Launching October 24 (Private Beta)
My MVP needed to support SSL, so thanks to Let's Encrypt and #Certbot, it's now automated as feature in my MVP. One click deployment should mean just that! 🚀 #buildinpublic
-
-
DevOps Engineer | RHEL | Docker | Kubernetes | Terraform | Ansible | Python | Shell Scripter | Cloud Engineer | AWS
🔐 𝐄𝐟𝐟𝐨𝐫𝐭𝐥𝐞𝐬𝐬𝐥𝐲 𝐒𝐞𝐜𝐮𝐫𝐞 𝐘𝐨𝐮𝐫 𝐃𝐨𝐜𝐤𝐞𝐫 𝐒𝐞𝐫𝐯𝐢𝐜𝐞𝐬 𝐰𝐢𝐭𝐡 𝐓𝐫𝐚𝐞𝐟𝐢𝐤 & 𝐋𝐞𝐭’𝐬 𝐄𝐧𝐜𝐫𝐲𝐩𝐭! 🔐If you're looking to automate SSL management and streamline traffic routing for Docker, Traefik and Let’s Encrypt are a perfect match. Check out this quick guide on how to set them up together for enhanced security and simplified scaling! 🚀#𝐃𝐞𝐯𝐎𝐩𝐬 #𝐃𝐨𝐜𝐤𝐞𝐫 #𝐓𝐫𝐚𝐞𝐟𝐢𝐤 #𝐋𝐞𝐭𝐬𝐄𝐧𝐜𝐫𝐲𝐩𝐭 #𝐂𝐲𝐛𝐞𝐫𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲
How to Set Up Traefik with Let’s Encrypt for Docker: A Streamlined Approach to Securing Docker…
link.medium.com
-
Uniquely genuine and resourceful technology creator | Cloud Consultant | Public Speaker
Good stopping point for today. k8s cluster, ArgoCD deploying two services in two separate repos and Service-A calling Service-B over k8s DNS. Coming up Kong w/ Gateway and Mesh #k8s #kubernetes #rust
-
-
Version 0.8.0 of #GitOps playground #GOP brings us closer to fully support #airgapped, least privileged and namespace-isolated environments: You can now enable image pull secrets for all tools, and our example pipelines can now be configured to run in airgapped envs. We also started work on enabling network policies, that make GOP run on #OpenShift. We're working on extending #netpols support to complete namespace-isolation on all #k8s clusters. #CertManager can now be rolled out with GOP. We're planning to extend the support to automatically provision #TLS certs via #letsencrypt / #ACME for all tools with a single parameter 🚀 This release also contains contributions of our new maintainer Thomas Michael. Welcome to the team 🥳
-
-
Shift left with ALL vital context ◀️◀️ Get function-level reachability and runtime context that provide REAL results and less noise. Get unmatched clarity on your application’s security from development to deployment. Watch this demo video to see how we do it ➡️ https://hubs.la/Q02WW1BY0 💣 Early detection with deep insights into code, containers, and memory. 👈 Combines shift-left tools like SAST and SCA security #vulnerabilitymanagement #threatintelligence
-
-
This article discusses Docker Engine, its components, and how it uses namespaces, cgroups, and union filesystems to create isolated application environments. It also touches on the security layers and SELinux. More: https://lnkd.in/gJKUPY3P
-
Computer Scientist
2moWorking perfectly with Artifactory JFrog :)