Kubernetes security is critical throughout the life of the container due to the dynamic and distributed nature of a cluster. For a cluster to be considered effective and stable, it needs to be secure from unauthorized changes. We’ll discuss the different kubernetes security practices that will secure your cluster and increase control of the cluster’s resources.

by @muhammadali642, Marketing at Wildcard

This blog post demonstrates how you can secure Amazon API Gateway HTTP endpoints with JSON web token (JWT) authorizers. Amazon API Gateway helps developers create, publish, and maintain secure APIs at any scale, helping manage thousands of API calls. There are no minimum fees, and you only pay for the API calls you receive.

JFrog’s Security Research team recently disclosed an RCE (remote code execution) issue in Apache Cassandra, which has been assigned to CVE-2021-44521 (CVSS 8.4).

This Apache security vulnerability is easy to exploit and has the potential to wreak havoc on systems, but luckily only manifests in non-default configurations of Cassandra.

In this blogpost, we present the background on how we discovered the RCE security vulnerability, provide details on a PoC exploit, and share the suggested fix and mitigation options.

This blog is for you, if you are planning to deploy Cloud SQL instances using private IP and/or intend to know more about the caveats of configuring Cloud SQL instances using Private IP. The official documentation on configuring Private IP on Cloud SQL service precisely covers most aspects, however this blog explains different scenarios one must consider while planning to deploy the Cloud SQL instance either in one or across multiple regions using Private IP.

This blog also helps to frame a proactive approach on the network design which is the critical foundation for any workload.

Security is important. But like with other aspects of quality, it is too important for specialists. And the ways we talk about it under one term "security" or "security testing", are in my experience harmful for our intentions of doing better in this space.

My journey on finding and reporting databases with sensitive data about Fortune-500 companies, Hospitals, Crypto platforms, Startups during due diligence, and more.

Jon Check, executive director of cyber protection solutions at Raytheon Intelligence & Space, shares insights into today’s cybersecurity staffing problems and solutions.

Reach more than 85k developers and DevOps professionals.
Meet developers and tech decisions makers where they are, not where you want them to be.

Jeff tells and shows us how to speed up microservices security and take the burden off developers by managing auth with an API gateway.

BlackIP-Rep is a tool designed to gather the reputation and information of Bulk IP's. Focused on increasing the workflow of Security Operations(SOC) team during investigation.

An ongoing & curated collection of awesome software practices and remediation, libraries and frameworks,payloads and techniques, best guidelines and technical resources about Application Security.