Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

DevOps

SSH configuration: ssh_config

This blog post covers some of my favorite settings for configuring the behavior of an ssh client (i.e. what is in the man pages for ssh_config). Whether you are looking to add some additional security constraints, minimize failures, or prevent carpal tunnel, ssh_config is an often underutilized, yet powerful tool. While the examples in this article focus on ssh configurations on unix based systems like linux and macOS, running an ssh server on windows is supported using openSSH.

Building Docker images in Kubernetes

Hosting a CI/CD platform on Kubernetes is becoming more common among engineers. This approach saves time through automation, ensures consistent deployments, and makes it easier to monitor and manage microservices. However, building container images in Kubernetes clusters involves some technical hurdles that require workarounds. In this article, we’ll explore some ways to build Docker images in a Kubernetes cluster for CI/CD processes.

KubeCon EU 2022. Why you need Teleport in your Kubernetes Infrastructure

Every Kubernetes developer’s favorite time of year is just around the corner, Kubecon EU 2022! Whether you’re attending in person in beautiful Valencia, Spain, or watching the conference from your couch at home, here are a few reasons why — if you operate any Kubernetes infrastructure — you need Teleport.

AWS Targeted by a Package Backfill Attack

On April 28 and April 30, respectively, WhiteSource Diffend identified, blocked, and reported two packages we deemed were malicious versions of original Amazon Web Services (AWS) packages. Whitesource security experts have reached out to contacts at Amazon to notify them of our findings. This discovery may point to a new takeover method that targets packages of well-known origins, in this case, AWS.

On terminals and sessions

In this post I will be announcing a new open source project: Teleport Connect. It is a dedicated secure web browser for accessing cloud infrastructure. But first, let me explain why we've decided to build it, starting with a bit of historical context. As a kid I have always enjoyed imagining the process of programming to having a conversation with a machine. The REPL loop is the most obvious example of this interaction. As our code grows it no longer fits in a REPL environment.

6 Best Practices for Kubernetes Audit Logging

Running a Kubernetes-based infrastructure is challenging and complex. Administrators often lament how complicated performance optimization and monitoring are, which can lead to problems in production. Additionally, even finely-tuned Kubernetes deployments can encounter sporadic issues. When Kubernetes starts behaving in strange ways, digging into logs can help you uncover breadcrumbs. These contextual hints can help lead you to possible solutions.