Security

How to test K8S SA’s permissions when OIDC IAM Role was provided in AWS EKS

21 March 2023
adrian
AWS

With the following 'human readable' title, "How to test ( or an example to make use of ) the Kubernetes ServiceAccount's functionality if an AWS IAM Role, which can be…

Preventing email deliverability failures and spoofing

13 February 2022
adrian
DevOps

Long story short, as almost all vulnerabilities comes from human side, we had a small missconfig in our SPF/DMARC record which was found randomly by a security freelancer who inform…

One line appsec firewall for nginx w. fail2ban

20 May 2020
adrian
DevOps

After we saw that that a lot of traffic | ~25% | is coming from bots ( some kind of automated script or program ) who are trying to login…

Setting up a VPN server for small infrastructures

03 April 2020
adrian
DevOps

Supposed that we have a small application which have dev, test and prod env. that should only be accessible for team members and we wanna have access from home or…

How to test K8S SA’s permissions when OIDC IAM Role was provided in AWS EKS

Preventing email deliverability failures and spoofing

One line appsec firewall for nginx w. fail2ban

Setting up a VPN server for small infrastructures

Categories

Recent Posts