In this post we’ll configure a Security Sidecar Pattern which will provide application level protection and micro-segmentation within the Kubernetes cluster.
Category Archives: All Posts
Tools of the Trade for Security Systems Engineers in 2020
As we begin a new decade I thought it would be cool to see how the tools of the trade for pre-sales Systems Engineers in the network security field have changed and which tools the SE’s SE will need to be proficient with in 2020.
Microservice Security Design Patterns for Kubernetes (Part 3)
In this post we will take an insecure deployment and implement a Security Service Layer Pattern to block application layer attacks and enforce strict segmentation between services.
JC Version 1.6.1 Released
Try the jc web demo! I’m happy to announce that jc version 1.6.1 has been released and is available on github and pypi. To upgrade, run: New Parsers jc now includes 32 parsers! New parsers (tested on linux and OSX) include: du crontab files pip list pip show Updated Parsers ifconfig parser now outputs rx_bytesContinue reading “JC Version 1.6.1 Released”
Microservice Security Design Patterns for Kubernetes (Part 2)
In this post we will set the groundwork to deep dive into the Security Service Layer Pattern with a live insecure deployment on Google Kubernetes Engine (GKE). By the end of this post you will be able to bring up an insecure deployment and demonstrate layer 7 attacks and unrestricted access between internal services.
Microservice Security Design Patterns for Kubernetes (Part 1)
In this multi-part blog series, I will describe some microservice security design patterns to implement micro-segmentation and deep inspection in the interior of your Kubernetes cluster to further secure your microservice applications, not just the cluster. I will also demonstrate the design patterns with working Proof of Concept deployments that you can use as a starting point.
Bringing the Unix Philosophy to the 21st Century
Try the jc web demo! Do One Thing Well The Unix philosophy of using compact expert tools that do one thing well and pipelining them together to manipulate data is a great idea and has worked well for the past few decades. This philosophy was outlined in the 1978 Foreward to the Bell System TechnicalContinue reading “Bringing the Unix Philosophy to the 21st Century”
Hi, fellow cybersecurity and computing nerds!
I’m Kelly Brazil and I’ve been in the cybersecurity industry for a couple decades now. I taught myself how to program when I was in third grade and I love to dabble in lots of techie topics including network security, cloud computing, automation, microservice architectures and security, software defined networking and SD-WAN, linux, APIs, guitar,Continue reading “Hi, fellow cybersecurity and computing nerds!”