mirror of
https://github.com/nubenetes/awesome-kubernetes.git
synced 2026-05-22 17:13:42 +00:00
277 lines
52 KiB
Markdown
277 lines
52 KiB
Markdown
# Devsecops
|
||
|
||
!!! info "Architectural Context"
|
||
Detailed reference for Devsecops in the context of Hardened Infrastructure.
|
||
|
||
- [devopszone.info: DevSecOps Explained](https://www.devopszone.info/post/devsecops-explained) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [linkedin: Dear Google, my data has left your building!](https://www.linkedin.com/pulse/dear-google-my-data-has-left-your-building-zakir-khan) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [snyk.io: The State of Open Source Security 2020](https://snyk.io/articles/open-source-security) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [kalilinuxtutorials.com: Deploying & Securing Kubernetes Clusters](https://kalilinuxtutorials.com/deploying-securing-kubernetes-clusters) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [loves.cloud: Creating a fully automated DevSecOps CI/CD Pipeline](https://loves.cloud/creation-of-a-fully-automated-devsecops-cicd-pipeline) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [redhat.com: Balancing Linux security with usability](https://www.redhat.com/en/blog/linux-security-usability) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [thenewstack.io: Culture, Vulnerabilities and Budget: Why Devs and AppSec Disagree](https://thenewstack.io/culture-vulnerabilities-and-budget-why-devs-and-appsec-disagree) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [computing.co.uk: CloudBees gets busy with security, visibility and control as DevOps evolves](https://www.computing.co.uk/news/4020521/cloudbees-busy-security-visibility-control-devops-evolves) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [devops.com: How to Successfully Integrate Security and DevOps](https://devops.com/how-to-successfully-integrate-security-and-devops) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [helpnetsecurity.com: How to make DevSecOps stick with developers](https://www.helpnetsecurity.com/2020/12/14/how-devsecops-developers) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [blog.christophetd.fr: Shifting Cloud Security Left — Scanning Infrastructure as Code for Security Issues](https://blog.christophetd.fr/shifting-cloud-security-left-scanning-infrastructure-as-code-for-security-issues) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [devclass.com: Docker: It’s not dead yet, but there’s a tendency to walk away, security report finds](https://www.devclass.com/containers/2021/01/13/docker-its-not-dead-yet-but-theres-a-tendency-to-walk-away-security-report-finds/1620265) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [opensource.com: How to adopt DevSecOps successfully](https://opensource.com/article/21/2/devsecops) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [devops.com: DevSecOps Trends to Know For 2021](https://devops.com/devsecops-trends-for-2021) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [devops.com: From Agile to DevOps to DevSecOps: The Next Evolution](https://devops.com/from-agile-to-devops-to-devsecops-the-next-evolution) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [permission.site](https://permission.site) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [ais.com: Leaping into DevSecOps from DevOps](https://www.ais.com/leaping-into-devsecops-from-devops) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [infoq.com: The Defense Department's Journey with DevSecOps](https://www.infoq.com/news/2020/06/defense-department-devsecops) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [amazon.com: Building end-to-end AWS DevSecOps CI/CD pipeline with open source SCA, SAST and DAST tools](https://aws.amazon.com/blogs/devops/building-end-to-end-aws-devsecops-ci-cd-pipeline-with-open-source-sca-sast-and-dast-tools) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [infoq.com: 9 Trends That Are Influencing the Adoption of Devops and Devsecops in 2021](https://www.infoq.com/articles/devops-secure-trends) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [invensislearning.com: Difference between DevOps and DevSecOps](https://www.invensislearning.com/blog/devops-vs-devsecops) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [techerati.com: DevSecOps: Eight tips for truly securing software](https://www.techerati.com/features-hub/opinions/devsecops-eight-tips-for-truly-securing-software) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [devops.com: SecDevOps is the Solution to Cybersecurity 🌟](https://devops.com/secdevops-is-the-solution-to-cybersecurity) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [redeszone.net: No configurar bien la nube es culpable de la mayoría de vulnerabilidades](https://www.redeszone.net/noticias/seguridad/configurar-mal-nube-vulnerabilidades) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [cybersecuritydive.com: Relationships between DevOps, security warm slowly](https://www.cybersecuritydive.com/news/developer-security-gitlab-devsecops/599599) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [harness.io: Automated DevSecOps with StackHawk and Harness](https://www.harness.io/blog/automated-devsecops) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [containerjournal.com: The What and Why of Cloud-Native Security](https://cloudnativenow.com/editorial-calendar/cloud-native-security/the-what-and-why-of-cloud-native-security) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [sysdig.com: Top vulnerability assessment and management best practices](https://www.sysdig.com/blog/vulnerability-assessment) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [thenewstack.io: Where Are You on the DevSecOps Maturity Curve?](https://thenewstack.io/where-are-you-on-the-devsecops-maturity-curve) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [thenewstack.io: The Top 5 Secrets Management Mistakes and How to Avoid Them](https://thenewstack.io/the-top-5-secrets-management-mistakes-and-how-to-avoid-them) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [arsouyes.org: PKCS, pem, der, key, crt,...](https://www.arsouyes.org/articles/2021/2021-06-21_PKCS_pem_der_key_crt) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [torq.io: 5 Security Automation Examples for Non-Developers](https://torq.io/blog/5-security-automation-examples-for-non-developers) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [infoq.com: Serverless Security: What's Left to Protect?](https://www.infoq.com/articles/serverless-security) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [dqindia.com: Secure your CI/CD pipeline with these tips from experts](https://www.dqindia.com/secure-cicd-pipeline-tips-experts) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [thenewstack.io: The DevSecOps Skillsets Required for Cloud Deployments](https://thenewstack.io/the-devsecops-skillsets-required-for-cloud-deployments) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [devblogs.microsoft.com: You can’t have security for DevOps until you have DevOps for security](https://devblogs.microsoft.com/engineering-at-microsoft/you-cant-have-security-for-devops-until-you-have-devops-for-security) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [goteleport.com: Anatomy of a Cloud Infrastructure Attack via a Pull Request](https://goteleport.com/blog/hack-via-pull-request) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [cncf/tag-security: CNCF Security Technical Advisory Group 🌟](https://github.com/cncf/tag-security) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [enterprisersproject.com: 5 DevSecOps open source projects to know](https://enterprisersproject.com/article/2021/8/5-devsecops-open-source-projects-know) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [Clair](https://github.com/quay/clair) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [thenewstack.io: 10 Steps to Simplify Your DevSecOps](https://thenewstack.io/10-steps-to-simplify-your-devsecops) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [redhat.com: 5 ways for teams to create an automation-first mentality](https://www.redhat.com/en/blog/automation-first-mentality) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [devops.com: Transform Mobile DevOps into Mobile DevSecOps](https://devops.com/transform-mobile-devops-into-mobile-devsecops) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [softwebsolutions.com: What is DevSecOps and why your business needs it](https://www.softwebsolutions.com/resources/devops-security-tools-benefits) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [containerjournal.com: Siloscape: The Dark Side of Kubernetes](https://cloudnativenow.com/features/siloscape-the-dark-side-of-kubernetes) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [thenewstack.io: Infrastructure-as-Code: 6 Best Practices for Securing Applications 🌟](https://thenewstack.io/infrastructure-as-code-6-best-practices-for-securing-applications) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [devops.com: Securing Your Software Development Pipelines](https://devops.com/securing-your-software-development-pipelines) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [thenewstack.io: How GitOps Benefits from Security-as-Code](https://thenewstack.io/how-gitops-benefits-from-security-as-code) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [devops.com: Tips for a Successful DevSecOps Life Cycle](https://devops.com/tips-for-a-successful-devsecops-life-cycle) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [blog.aquasec.com: Advanced Persistent Threat Techniques Used in Container Attacks](https://blog.aquasec.com/advanced-persistent-threat-techniques-container-attacks) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [thenewstack.io: 5 Misconceptions About DevSecOps](https://thenewstack.io/5-misconceptions-about-devsecops) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [thenewstack.io: Why Cloud Native Systems Demand a Zero Trust Approach](https://thenewstack.io/why-cloud-native-systems-demand-a-zero-trust-approach) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [redhat.com: Getting DevSecOps to production and beyond](https://www.redhat.com/en/blog/devsecops-enterprise-architecture) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [opensource.com: 5 open source security resources from 2021](https://opensource.com/article/21/12/open-source-security) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [redhat.com: Red Hat's approach to DevSecOps](https://www.redhat.com/en/solutions/devsecops-approach) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [thenewstack.io: Open Source Democratized Software. Now Let’s Democratize Security](https://thenewstack.io/open-source-democratized-software-now-lets-democratize-security) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [goteleport.com: Why DevSecOps is Going Passwordless](https://goteleport.com/blog/devsecops-passwordless) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [thenewstack.io: Want Real Cybersecurity Progress? Redefine the Security Team](https://thenewstack.io/want-real-cybersecurity-progress-redefine-the-security-team) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [devops.com: Taking a DevSecOps Approach to API Security](https://devops.com/why-traditional-approaches-to-api-security-dont-work) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [devops.com: Continuous Security: The Next Evolution of CI/CD](https://devops.com/continuous-security-the-next-evolution-of-ci-cd) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [devops.com: How to Seamlessly Transition to DevSecOps](https://devops.com/how-to-seamlessly-transition-to-devsecops) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [research.nccgroup.com: 10 real-world stories of how we’ve compromised CI/CD pipelines](https://research.nccgroup.com/2022/01/13/10-real-world-stories-of-how-weve-compromised-ci-cd-pipelines) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [thenewstack.io: SecOps in a Post-COVID World: 3 Security Trends to Watch](https://thenewstack.io/secops-in-a-post-covid-world-3-security-trends-to-watch) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [sysdig.com: Triaging a Malicious Docker Container](https://www.sysdig.com/blog/triaging-malicious-docker-container) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [blog.sonatype.com: Python Packages Upload Your AWS Keys, env vars, Secrets to the Web](https://www.sonatype.com/blog/python-packages-upload-your-aws-keys-env-vars-secrets-to-web) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [bleepingcomputer.com: Over 900,000 Kubernetes instances found exposed online](https://www.bleepingcomputer.com/news/security/over-900-000-kubernetes-instances-found-exposed-online) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [sysdig.com: How to apply security at the source using GitOps | Eduardo Mínguez 🌟](https://www.sysdig.com/blog/gitops-iac-security-source) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [freecodecamp.org: Authentication vs Authorization – What's the Difference?](https://www.freecodecamp.org/news/whats-the-difference-between-authentication-and-authorisation) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [containerjournal.com: Kubernetes Security in Your CI/CD Pipeline](https://cloudnativenow.com/features/kubernetes-security-in-your-ci-cd-pipeline) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [acloudguru.com: Cloud security risks: Why you should make apps Secure by Design](https://www.pluralsight.com/resources/blog/cloud/cloud-apps-secure-by-design) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [hmaslowski.com: macOS Security hardening with Microsoft Intune](https://hmaslowski.com/home/f/macos-security-hardening-with-microsoft-intune) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [kubewarden.io: Scanning secrets in environment variables](https://www.kubewarden.io/blog/2022/10/env-var-secrets) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [auth0.com: A Passwordless Future! Passkeys for Java Developers](https://auth0.com/blog/webauthn-and-passkeys-for-java-developers) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [infracloud.io: How to Prevent Secret Leaks in Your Repositories](https://www.infracloud.io/blogs/prevent-secret-leaks-in-repositories) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [thenewstack.io: Secured Access to Kubernetes from Anywhere with Zero Trust | Tenry Fu 🌟](https://thenewstack.io/secured-access-to-kubernetes-from-anywhere-with-zero-trust) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [rtinsights.com: Implementing Zero Trust for Kubernetes](https://www.rtinsights.com/implementing-zero-trust-for-kubernetes) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [cisecurity.org: Where Does Zero Trust Begin and Why is it Important?](https://www.cisecurity.org/insights/blog/where-does-zero-trust-begin-and-why-is-it-important) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [thenewstack.io: How Do Authentication and Authorization Differ?](https://thenewstack.io/how-do-authentication-and-authorization-differ) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [osohq.com: Patterns for Authorization in Microservices](https://www.osohq.com/post/microservices-authorization-patterns) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [oauth2-proxy/oauth2-proxy: OAuth2 Proxy 🌟](https://github.com/oauth2-proxy/oauth2-proxy) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [dev.to/fidalmathew: Session-Based vs. Token-Based Authentication: Which is better?](https://dev.to/fidalmathew/session-based-vs-token-based-authentication-which-is-better-227o) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [dev.to/irakan: Is JWT really a good fit for authentication?](https://dev.to/irakan/is-jwt-really-a-good-fit-for-authentication-1khm) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [github.com/hygieia/Hygieia 🌟](https://github.com/hygieia/Hygieia) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [thenewstack.io: How Kubernetes vulnerabilities have shifted since the first attacks](https://thenewstack.io/how-kubernetes-vulnerabilities-have-shifted-since-the-first-api-attacks) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [mirantis.com: Introduction to Istio Ingress: The easy way to manage incoming Kubernetes app traffic](https://www.mirantis.com/blog/introduction-to-istio-ingress-the-easy-way-to-manage-incoming-kubernetes-app-traffic) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [armosec.io: How to secure Kubernetes Ingress?](https://www.armosec.io/blog/kubernetes-ingress-security) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [thenewstack.io: StackRox KubeLinter Brings Security Linting to Kubernetes](https://thenewstack.io/stackrox-kubelinter-brings-security-linting-to-kubernetes) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [github.com/yannh/kubeconform 🌟](https://github.com/yannh/kubeconform) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [thenewstack.io: Security Insights into Infrastructure-as-Code](https://thenewstack.io/security-insights-into-infrastructure-as-code) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [Why you should be using Multi-Category Security (MCS) for your Linux containers](https://www.redhat.com/en/blog/why-you-should-be-using-multi-category-security-your-linux-containers) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [Using Podman and Containers to make a more secure pipeline](https://www.redhat.com/en/blog/using-container-technology-make-trusted-pipeline) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [thenewstack.io: Project Calico: Kubernetes Security as SaaS](https://thenewstack.io/project-calico-kubernetes-security-as-saas) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [Falco.org](https://falco.org) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [sysdig.com: Getting started with runtime security and Falco](https://www.sysdig.com/blog/intro-runtime-security-falco) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [Security Patterns for Microservice Architectures](https://developer.okta.com/blog/2020/03/23/microservice-security-patterns) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [Anchore](https://anchore.com) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [thenewstack.io: Anchore: Scan Your Container Images for Vulnerabilities from the Command Line](https://thenewstack.io/anchore-scan-your-container-images-for-vulnerabilities-from-the-command-line) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [Twistlock](https://www.paloaltonetworks.com/prisma/cloud) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [Threat Stack](https://www.f5.com/products/distributed-cloud-services) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [cloud.google.com: OWASP Top 10 mitigation options on Google Cloud 🌟](https://docs.cloud.google.com/architecture/security/owasp-top-ten-mitigation#product_overviews) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [thenewstack.io: Latest OWASP Top 10 Surfaces Web Development Security Bugs](https://thenewstack.io/the-latest-owasp-top-10-looks-a-lot-like-the-old-owasp) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [thenewstack.io: OWASP Top 10: A Guide to the Worst Software Vulnerabilities](https://thenewstack.io/owasp-top-10-a-guide-to-the-worst-software-vulnerabilities) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [owasp.org: OWASP API Security Project 🌟](https://owasp.org/www-project-api-security) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [traceable.ai: Use the OWASP API Top 10 To Secure Your APIs](https://www.traceable.ai/blog-post/use-the-owasp-api-top-10-to-secure-your-apis) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [cequence.ai: The OWASP API Security Top 10 From a Real-World Perspective](https://www.cequence.ai/blog/owasp-api-security-top-10-from-a-real-world-perspective) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [github.com/OWASP: OWASP Kubernetes Top 10 🌟](https://github.com/OWASP/www-project-kubernetes-top-ten) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [securecoding.com: Code Audit: How to Ensure Compliance for an Application](https://www.securecoding.com/blog/code-audit-how-to-ensure-compliance-for-an-application) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [stackrox.com](https://www.redhat.com/en/technologies/cloud-computing/openshift/advanced-cluster-security-kubernetes) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [redhat.com: Red Hat to Acquire Kubernetes-Native Security Leader StackRox](https://www.redhat.com/en/about/press-releases/red-hat-acquire-kubernetes-native-security-leader-stackrox) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [trivy](https://github.com/aquasecurity/trivy) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [blog.aquasec.com: A Security Review of Docker Official Images: Which Do You Trust? (with trivy)](https://blog.aquasec.com/docker-official-images) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [returngis.net: Buscar vulnerabilidades en imágenes de Docker con Snyk](https://www.returngis.net/2021/09/buscar-vulnerabilidades-en-imagenes-de-docker-con-snyk) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [iximiuz.com: The need for slimmer containers. Scanning official Python images with Snyk](https://iximiuz.com/en/posts/thick-container-vulnerabilities) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [thenewstack.io: Find Vulnerabilities in Container Images with Docker Scan](https://thenewstack.io/find-vulnerabilities-in-container-images-with-docker-scan) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [deepfence/YaraHunter](https://github.com/deepfence/YaraHunter) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [Securing Kubernetes With Anchore](https://anchore.com/kubernetes) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [Anchore: Secure Container Based CI/CD Workflows](https://anchore.com/cicd) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [Jenkins Plugin: Anchore Container Image Scanner](https://plugins.jenkins.io/anchore-container-scanner) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [Notary](https://github.com/notaryproject/notary) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [Cosign: Container Signing](https://github.com/sigstore/cosign) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [infracloud.io: Enforcing Image Trust on Docker Containers using Notary](https://www.infracloud.io/blogs/enforcing-image-trust-docker-containers-notary) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [infracloud.io: How to Secure Containers with Cosign and Distroless Images](https://www.infracloud.io/blogs/secure-containers-cosign-distroless-images) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [github.blog: Safeguard your containers with new container signing capability in GitHub Actions (cosign)](https://github.blog/security/supply-chain-security/safeguard-container-signing-capability-actions) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [chrisns/cosign-keyless-demo: Cosign Keyless GitHub Action Demo](https://github.com/chrisns/cosign-keyless-demo) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [blog.chainguard.dev: How To Verify Cosigned Container Images In Amazon ECS](https://www.chainguard.dev/unchained) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [sysdig.com: How to secure Kubernetes deployment with signature verification](https://www.sysdig.com/blog/secure-kubernetes-deployment-signature-verification) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [itnext.io: Securing Kubernetes Workloads: A Practical Approach to Signed and Encrypted Container Images](https://itnext.io/securing-kubernetes-workloads-a-practical-approach-to-signed-and-encrypted-container-images-ff6e98b65bcd) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [GitHub security: what does it take to protect your company from credentials leaking on GitHub? 🌟](https://blog.gitguardian.com/github-security) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [forbes.com: DevOps Drives Pentesting Delivered As A Service](https://www.forbes.com/sites/chenxiwang/2020/06/17/devops-drives-pentesting-delivered-as-a-service) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [keycloak.org](https://www.keycloak.org) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [Authorizing multi-language microservices with Louketo Proxy](https://developers.redhat.com/blog/2020/08/03/authorizing-multi-language-microservices-with-louketo-proxy) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [developers.redhat.com: A deep dive into Keycloak](https://developers.redhat.com/blog/2020/08/07/a-deep-dive-into-keycloak) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [blog.getambassador.io: Step-by-Step Centralized Authentication for Kubernetes with Keycloak and the Ambassador Edge Stack](https://blog.getambassador.io/centralized-authentication-with-keycloak-and-ambassador-edge-stack-d509ffbc7b6f) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [blog.sighup.io: How to run Keycloak in HA on Kubernetes](https://blog.sighup.io/keycloak-ha-on-kubernetes) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [developers.redhat.com: Authentication and authorization using the Keycloak REST API](https://developers.redhat.com/blog/authentication-and-authorization-using-the-keycloak-rest-api) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [openshift.com: Geographically Distributed Stateful Workloads - Part 3: Keycloak](https://www.redhat.com/en/blog/geographically-distributed-stateful-workloads-part-3-keycloak) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [blog.flant.com: Running fault-tolerant Keycloak with Infinispan in Kubernetes](https://palark.com/blog/ha-keycloak-infinispan-kubernetes) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [dev.to: KeyCloak with Nginx Ingress](https://dev.to/aws-builders/keycloak-with-nginx-ingress-6fo) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [Git Credential Manager Core](https://github.com/git-ecosystem/git-credential-manager) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [Git Credential Manager Core: Building a universal authentication experience](https://github.blog/open-source/git/git-credential-manager-core-building-a-universal-authentication-experience) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [blog.gitguardian.com: Secrets in source code (episode 2/3). Why secrets in git are such a problem](https://blog.gitguardian.com/secrets-credentials-api-git) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [harness.io: Managing Secrets in CI/CD Pipelines 🌟](https://www.harness.io/blog) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [smallstep.com: How to Handle Secrets on the Command Line 🌟](https://smallstep.com/blog/command-line-secrets) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [cloud.google.com: Analyze secrets with Cloud Asset Inventory](https://docs.cloud.google.com/secret-manager/docs/analyze-resources) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [sops: Simple and flexible tool for managing secrets 🌟](https://github.com/getsops/sops) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [jenkins-x.io: Setting up the secrets for your installation](https://jayex.io/v3/admin/setup/secrets) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [fpcomplete.com: Announcing Amber, encrypted secrets management](https://academy.fpblock.com/blog/announcing-amber-ci-secret-tool) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [github.com/keilerkonzept/aws-secretsmanager-files](https://pkg.go.dev/github.com/keilerkonzept/aws-secretsmanager-files) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [youtube: Which of your Kubernetes Apps are accessing Secrets? 🌟](https://www.youtube.com/watch?v=6UF-QxiRGms&ab_channel=Kubevious) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [jenkins-x/gsm-controller](https://github.com/jenkins-x/gsm-controller) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [GoogleCloudPlatform/secrets-store-csi-driver-provider-gcp: Google Secret Manager Provider for Secret Store CSI Driver](https://github.com/GoogleCloudPlatform/secrets-store-csi-driver-provider-gcp) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [devops.com: DevOps Teams Struggling to Keep Secrets](https://devops.com/devops-teams-struggling-to-keep-secrets) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [thorsten-hans.com: Encrypt your Kubernetes Secrets with Mozilla SOPS](https://www.thorsten-hans.com/encrypt-your-kubernetes-secrets-with-mozilla-sops) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [developers.redhat.com: Protect secrets in Git with the clean/smudge filter](https://developers.redhat.com/articles/2022/02/02/protect-secrets-git-cleansmudge-filter) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [kubeopsskills/cloud-secret-resolvers: Cloud Secret Resolvers (CSR)](https://github.com/kubeopsskills/cloud-secret-resolvers) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [thenewstack.io: Managing Secrets in Your DevOps Pipeline](https://thenewstack.io/managing-secrets-in-your-devops-pipeline) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [thenewstack.io: Kubernetes Secrets Management: 3 Approaches, 9 Best Practices](https://thenewstack.io/kubernetes-secrets-management-3-approaches-9-best-practices) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [commjoen/wrongsecrets: OWASP WrongSecrets](https://github.com/commjoen/wrongsecrets) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [aws/secrets-store-csi-driver-provider-aws: AWS Secrets Manager and Config Provider for Secret Store CSI Driver](https://github.com/aws/secrets-store-csi-driver-provider-aws) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [unixarena.com: Terraform – Source credentials from AWS secret Manager](https://unixarena.com/2022/04/terraform-source-credentials-from-aws-secret-manager.html) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [pyca/bcrypt](https://github.com/pyca/bcrypt) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [argon2-cffi](https://argon2-cffi.readthedocs.io/en/stable) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [docs.python.org: scrypt (standard library)](https://docs.python.org/3/library/hashlib.html#hashlib.scrypt) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [cryptography.io: scrypt (cryptography)](https://cryptography.io/en/latest/hazmat/primitives/key-derivation-functions/#cryptography.hazmat.primitives.kdf.scrypt.Scrypt) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [git-secret.io](https://git-secret.io) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [git-cipher](https://github.com/wincent/git-cipher) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [hashicorp/vault](https://github.com/hashicorp/vault) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [hashicorp/vault-csi-provider: HashiCorp Vault Provider for Secrets Store CSI Driver](https://github.com/hashicorp/vault-csi-provider) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [vaultproject.io](https://developer.hashicorp.com/vault) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [github.com/kelseyhightower: Serverless Vault with Cloud Run](https://github.com/kelseyhightower/serverless-vault-with-cloud-run) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [confluent.io: How to Manage Secrets for Confluent with Kubernetes and HashiCorp Vault](https://www.confluent.io/blog/manage-secrets-with-kubernetes-and-hashicorp-vault) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [digitalvarys.com: Simple Introduction to HashiCorp Vault](https://digitalvarys.com/simple-introduction-to-hashicorp-vault) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [thenewstack.io: HashiCorp Releases HCP Vault to Combat ‘Secrets Management’ Fatigue](https://thenewstack.io/hashicorps-releases-hcp-vault-to-combat-secrets-management-fatigue) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [datadoghq.com: Monitor HashiCorp Vault metrics and logs](https://www.datadoghq.com/blog/monitor-vault-metrics-and-logs) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [thenewstack.io: Reasons to Implement HashiCorp Vault and Other Zero Trust Tools](https://thenewstack.io/reasons-to-implement-hashicorp-vault-and-other-zero-trust-tools) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [testdriven.io: Running Vault and Consul on Kubernetes](https://testdriven.io/blog/running-vault-and-consul-on-kubernetes) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [devopscube.com: How to Setup Vault in Kubernetes- Beginners Tutorial 🌟](https://devopscube.com/vault-in-kubernetes) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [devopscube.com: Vault Agent Injector Tutorial: Inject Secrets to Pods Using Vault Agent](https://devopscube.com/vault-agent-injector-tutorial) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [piotrminkowski.com: Vault on Kubernetes with Spring Cloud](https://piotrminkowski.com/2021/12/30/vault-on-kubernetes-with-spring-cloud) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [alexandre-vazquez.com: How To Inject Secrets in Pods To Improve Security with Hashicorp Vault in 5 Minutes 🌟](https://alexandre-vazquez.com/inject-secrets-in-pods-using-hashicorp-vault) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [harness.io: Tutorial: How to Use the New Vault Agent Integration Method With Harness](https://www.harness.io/blog/vault-agent-secrets-management) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [docs.microsoft.com: Azure Key Vault](https://learn.microsoft.com/en-us/azure/key-vault/general/overview) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [azure.github.io: Azure Key Vault Provider for Secrets Store CSI Driver](https://azure.github.io/secrets-store-csi-driver-provider-azure) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [akv2k8s.io: Azure Key Vault to Kubernetes akv2k8s 🌟](https://akv2k8s.io) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [Azure Key Vault to Kubernetes](https://github.com/SparebankenVest/azure-key-vault-to-kubernetes) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [Neoteroi/essentials-configuration-keyvault](https://github.com/Neoteroi/essentials-configuration-keyvault) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [techcommunity.microsoft.com: In preview: Azure Key Vault secrets provider extension for Arc enabled Kubernetes clusters](https://techcommunity.microsoft.com/blog/azurearcblog/in-preview-azure-key-vault-secrets-provider-extension-for-arc-enabled-kubernetes/3002160) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [vcloud-lab.com: Create Azure Key Vault Certificates on Azure Portal and Powershell](http://vcloud-lab.com/entries/microsoft-azure/-create-azure-key-vault-certificates-on-azure-portal-and-powershell) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [ansible.com: Simplifying secrets management with CyberArk and Red Hat Ansible Automation Platform](https://www.redhat.com/en/blog/simplifying-secrets-management-with-cyberark-and-red-hat-ansible-automation-platform?sc_cid=7015Y000003t7aWQAQ) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [ansible.com: Automating Security with CyberArk and Red Hat Ansible Automation Platform](https://www.redhat.com/en/blog/automating-security-with-cyberark-and-red-hat-ansible-automation-platform?sc_cid=7015Y000003t7aWQAQ) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [conjur.org](https://www.conjur.org) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [infracloud.io: Securing Kubernetes Secrets with Conjur 🌟](https://www.infracloud.io/blogs/securing-kubernetes-secrets-conjur) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [dev.to: Manage your secrets in Git with SOPS for Kubernetes 🌟](https://dev.to/stack-labs/manage-your-secrets-in-git-with-sops-for-kubernetes-57me) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [GitOps secret management with bitnami-labs Sealed Secret and GoDaddy Kubernetes External Secrets 🌟](https://www.redhat.com/en/blog/gitops-secret-management) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [aws.amazon.com: Managing secrets deployment in Kubernetes using Sealed Secrets 🌟](https://aws.amazon.com/blogs/opensource/managing-secrets-deployment-in-kubernetes-using-sealed-secrets) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [blog.container-solutions.com: The Birth of the External Secrets Community](https://blog.container-solutions.com/the-birth-of-the-external-secrets-community) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [itnext.io: Secrets injection at runtime from external Vault into Kubernetes — POC](https://itnext.io/secrets-injection-from-external-vault-into-kubernetes-poc-83a52c8cf5cb) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [jx-secret-postrenderer 🌟](https://github.com/jenkins-x-plugins/jx-secret-postrenderer) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [thenewstack.io: Managing Kubernetes Secrets with AWS Secrets Manager 🌟](https://thenewstack.io/managing-kubernetes-secrets-with-aws-secrets-manager) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [K8s Vault Webhook 🌟](https://ot-container-kit.github.io/k8s-vault-webhook) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [thenewstack.io: Walkthrough: Bitwarden’s New Secrets Manager](https://thenewstack.io/walkthrough-bitwardens-new-secrets-manager) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [morey.tech: Bitwarden and External Secrets](https://morey.tech/technical%20blog/Bitwarden-And-External-Secrets) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [10 Serverless security best practices](https://snyk.io/blog/10-serverless-security-best-practices) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [thehackernews.com: Docker Images Containing Cryptojacking Malware Distributed via Docker Hub](https://thehackernews.com/2020/06/cryptocurrency-docker-image.html) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [sysdig.com: 12 Container image scanning best practices to adopt in production](https://www.sysdig.com/learn-cloud-native/12-container-image-scanning-best-practices) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [infracloud.io: The Ten Commandments of Container Security](https://www.infracloud.io/blogs/top-10-things-for-container-security) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [sysdig.com: Sysdig 2021 container security and usage report: Shifting left is not enough 🌟](https://www.sysdig.com/blog/sysdig-2021-container-security-usage-report) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [itnext.io: Hardening Docker and Kubernetes with seccomp 🌟](https://itnext.io/hardening-docker-and-kubernetes-with-seccomp-a88b1b4e2111) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [redhat.com: Improving Linux container security with seccomp 🌟](https://www.redhat.com/en/blog/container-security-seccomp) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [openshift.com: Signing and Verifying Container Images 🌟](https://www.redhat.com/en/blog/signing-and-verifying-container-images) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [redhat.com: Introducing Red Hat Vulnerability Scanner Certification](https://www.redhat.com/en/blog/introducing-red-hat-vulnerability-scanner-certification) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [docs.microsoft.com: Introduction to Azure Defender for container registries](https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-container-registries-introduction#when-are-images-scanned) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [techbeacon.com: 17 open-source container security tools 🌟](https://techbeacon.com/security/17-open-source-container-security-tools) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [GoogleContainerTools/container-structure-test](https://github.com/GoogleContainerTools/container-structure-test) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [dynatrace.com: Container security: What it is, why it’s tricky, and how to do it right](https://www.dynatrace.com/news/blog/what-is-container-security) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [sigstore.dev](https://www.sigstore.dev) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [youtube: Hands-on Introduction to sigstore | Rawkode Live](https://www.youtube.com/watch?v=fZfd4orrn8Y&ab_channel=RawkodeAcademy) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [opensource.com: Sign and verify container images with this open source tool (sigstore)](https://opensource.com/article/21/12/sigstore-container-images) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [sysdig.com: Container security best practices: Ultimate guide 🌟](https://www.sysdig.com/learn-cloud-native/container-security-best-practices) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [infracloud.io: Kubernetes Pod Security Policies with Open Policy Agent](https://www.infracloud.io/blogs/kubernetes-pod-security-policies-opa) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [blog.nody.cc: Verify your Kubernetes Cluster Network Policies: From Faith to Proof](https://blog.nody.cc/posts/2020-06-kubernetes-network-policy-verification) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [DevSecOps – Static Analysis SAST with Jenkins Pipeline](https://digitalvarys.com/devsecops-static-analysis-sast-with-jenkins-pipeline) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [europeclouds.com: Implementing Aqua Security to Secure Kubernetes](https://www.europeclouds.com/blog/implementing-aqua-security-to-secure-kubernetes) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [Pomerium](https://github.com/pomerium/pomerium) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [fluentbit.io](https://fluentbit.io) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [falco.org: Detect Malicious Behaviour on Kubernetes API Server through gathering Audit Logs by using FluentBit - Part 2](https://falco.org/blog/detect-malicious-behaviour-on-kubernetes-api-server-through-gathering-audit-logs-by-using-fluentbit-part-2) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [kubearmor.io](https://kubearmor.io) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [itnext.io: Protecting Your Kubernetes Environment With KubeArmor](https://itnext.io/protecting-your-kubernetes-environment-with-kubearmor-76b02fc2209b) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [itnext.io: Helm 3 — Secrets management, an alternative approach 🌟](https://itnext.io/helm-3-secrets-management-4f23041f05c3) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [itnext.io: Manage Auto-generated Secrets In Your Helm Charts 🌟](https://itnext.io/manage-auto-generated-secrets-in-your-helm-charts-5aee48ba6918) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [hashcat](https://hashcat.net/hashcat) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [intezer.com: New Attacks on Kubernetes via Misconfigured Argo Workflows](https://intezer.com/blog/new-attacks-on-kubernetes-via-misconfigured-argo-workflows) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [devops.com: How to Automate PKI for DevOps With Open Source Tools](https://devops.com/how-to-automate-pki-for-devops-with-open-source-tools) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [cybersecsi/HOUDINI: Hundreds of Offensive and Useful Docker Images for Network Intrusion](https://github.com/cybersecsi/HOUDINI) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [itnext.io: Top 6 Threat Detection Tools for Containers](https://itnext.io/top-6-threat-detection-tools-for-containers-3dd80b77777e) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [thenewstack.io: AWS Open Sources Security Tools](https://thenewstack.io/aws-open-sources-security-tools) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [sentinelone.com: Reducing Human Effort in Cybersecurity | Why We Are Investing in Torq’s Automation Platform](https://www.sentinelone.com/blog/reducing-human-effort-in-cybersecurity-why-we-are-investing-in-torqs-automation-platform) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [pkg.go.dev/knative.dev/security-guard](https://pkg.go.dev/knative.dev/security-guard) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [developer.ibm.com: Secure microservices by monitoring behavior](https://developer.ibm.com/technologies/containers) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [Microservices Security in Action](https://medium.facilelogin.com/microservices-security-in-action-933072043ad7) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [sysdig.com: Mitigating CVE-2021-20291: DoS affecting CRI-O and Podman](https://www.sysdig.com/blog/cve-2021-20291-cri-o-podman) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [sysdig.com: Mitigating log4j with Runtime-based Kubernetes Network Policies](https://www.sysdig.com/blog/mitigating-log4j-kubernetes-network-policies) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [github.com/aws-samples: Apache Log4j2 CVE-2021-44228 node agent](https://github.com/aws-samples/kubernetes-log4j-cve-2021-44228-node-agent) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [proferosec/log4jScanner](https://github.com/proferosec/log4jScanner) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [Apache Log4j Security Vulnerabilities](https://logging.apache.org/security.html) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [cloud.redhat.com: Log4Shell: Practical Mitigations and Impact Analysis of the Log4j Vulnerabilities](https://www.redhat.com/en/blog/log4shell-practical-mitigations-and-impact-analysis) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [edition.cnn.com: The Log4j security flaw could impact the entire internet. Here's what you should know](https://edition.cnn.com/2021/12/15/tech/log4j-vulnerability/index.html) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [yahoo/check-log4j](https://github.com/yahoo/check-log4j) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [welivesecurity.com: Lo que todo líder de una empresa debe saber sobre Log4Shell](https://www.welivesecurity.com/la-es/2021/12/16/que-deben-saber-lideres-empresas-sobre-log4shell) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [genbeta.com: "Internet está en llamas": Cloudflare ha detectado más de 24.600 ataques por minuto que explotaban la vulnerabilidad Log4Shell](https://www.genbeta.com/actualidad/internet-esta-llamas-cloudflare-ha-detectado-24-600-ataques-minuto-que-explotaban-vulnerabilidad-log4shell) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [dynatrace.com: Log4Shell vulnerability](https://www.dynatrace.com/news/tag/log4shell) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [Maelstromage/Log4jSherlock](https://github.com/Maelstromage/Log4jSherlock) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [cyberscoop.com: The Log4j flaw is the latest reminder that quick security fixes are easier said than done](https://cyberscoop.com/log4j-hack-security-update-ransomware) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [vpnranks.com: Belgian Defense Ministry Under Cyber Attack Due to Log4j Vulnerability](https://www.vpnranks.com/news/belgian-defense-ministry-under-cyber-attack-due-to-log4j-vulnerability) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [dynatrace.com: Log4Shell vulnerability discovery and mitigation require automatic and intelligent observability](https://www.dynatrace.com/news/blog/log4shell-vulnerability-discovery-and-mitigation) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [thenewstack.io: Yet Another Log4j Security Problem Appears](https://thenewstack.io/yet-another-log4j-security-problem-appears) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [cisagov/log4j-scanner](https://github.com/cisagov/log4j-scanner) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [google/log4jscanner](https://github.com/google/log4jscanner) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [thehackernews.com: Microsoft Warns of Continued Attacks Exploiting Apache Log4j Vulnerabilities](https://thehackernews.com/2022/01/microsoft-warns-of-continued-attacks.html) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [zdnet.com: Log4j: Google and IBM call for list of critical open source projects](https://www.zdnet.com/article/log4j-after-white-house-meeting-google-calls-for-list-of-critical-open-source-projects) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [it.slashdot.org: And the Top Source of Critical Security Threats Is...PowerShell](https://it.slashdot.org/story/21/05/22/041242/and-the-top-source-of-critical-security-threats-ispowershell) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [therecord.media: UK government plans to release Nmap scripts for finding vulnerabilities](https://therecord.media/uk-government-plans-to-release-nmap-scripts-for-finding-vulnerabilities) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [thenewstack.io: WAF: Securing Applications at the Edge](https://thenewstack.io/waf-securing-applications-at-the-edge) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [zdnet.com: Google releases new open-source security software program: Scorecards](https://www.zdnet.com/article/google-releases-new-open-source-security-software-program-scorecards) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [tryhackme.com: Metasploit: Introduction](https://tryhackme.com/room/metasploitintro) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [socket.dev: Introducing Socket](https://socket.dev/blog/introducing-socket) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [deepfence/ThreatMapper 🌟](https://github.com/deepfence/ThreatMapper) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [github.com/goauthentik/authentik](https://github.com/goauthentik/authentik) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [github.com/openappsec/openappsec](https://github.com/openappsec/openappsec) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [Microsoft Security Copilot](https://www.microsoft.com/en-us/security/business/ai-machine-learning/microsoft-security-copilot) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|
||
- [github.com/prowler-cloud/prowler 🌟🌟](https://github.com/prowler-cloud/prowler) <span class='md-tag md-tag--info'>[COMMUNITY-TOOL]</span>
|