Archive for the ‘security’ Category
Filed under: presentation, security | Leave a Comment
Tags: API, certificates, containers, DevOps, devsecops, Docker, scale, secdevops, security
The Dell Lesson on Trust Scope
Dell has been in trouble for the last few days for shipping a self signed CA ‘eDellRoot'[1] in the trusted root store on their Windows laptops. From a public relations perspective they’ve done the right thing by saying sorry and providing a fix. This post isn’t going to pick apart the rights and wrongs – […]
Filed under: could_do_better, security | Leave a Comment
Tags: CA, certificate, Dell, trust
Twistlock have announced the general availability of their Container Security Suite, along with a partnership with Google Cloud Platform that integrates Twistlock into Google Container Engine (GKE). The suite consists of a console to define policy, a registry scanner and a ‘Defender’that runs as a privileged container on each host. The suite connects to Twistlock’s […]
Filed under: cloud, Docker, InfoQ news, security | Leave a Comment
Tags: cloud, containers, Docker, google, security, Twistlock
Docker inc. have announced the release of Docker 1.8, which brings with it some new and updated tools in addition to new engine features. Docker Toolbox provides a packaged system aiming to be, ‘the fastest way to get up and running with a Docker development environment’, and replaces Boot2Docker. The most significant change to Docker Engine […]
Filed under: Docker, InfoQ news, security | Leave a Comment
Tags: content trust, Docker, InfoQ, security, toolbox
A friend emailed me yesterday saying he was ‘trying to be better informed on security topics’ and asking for suggestions on blogs etc. Here’s my reply… For security stuff first read (or at least skim) Ross Anderson’s Security Engineering (UK|US) – it’s basically the bible for infosec. Don’t be scared that it’s now seven years old […]
Filed under: security | 3 Comments
Tags: security
BanyanOps have published a report stating that ‘Over 30% of Official Images in Docker Hub Contain High Priority Security Vulnerabilities’, which include some of the sensational 2014 issues such as ShellShock and Heartbleed. The analysis also looks at user generated ‘general’ repositories and finds an even greater level of vulnerability. Their conclusion is that images […]
Filed under: Docker, InfoQ news, security | Leave a Comment
Tags: Docker, InfoQ, security
Docker Inc have worked with the Center for Internet Security (CIS) to produce a benchmark document [pdf] containing numerous recommendations for the security of Docker deployments. The benchmark was announced in a blog post ‘Understanding Docker Security and Best Practices’ by Diogo Mónica who was recently hired along with Nathan McCauley to lead theDocker Security […]
Filed under: Docker, InfoQ news, security | Leave a Comment
Tags: benchmark, CIS, Docker, Linux, security
At their re:invent 2014 show Amazon launched AWS Key Management Service (KMS), “a managed service that makes it easy for you to create and control the encryption keys used to encrypt your data, and uses Hardware Security Modules (HSMs) to protect the security of your keys”. At launch the service supported EBS, S3 and Redshift. […]
Filed under: cloud, InfoQ news, security | 2 Comments
Tags: amazon, aws, cloud, encryption, HSM, KMS, security
Netflix have announced the release of the Message Security Layer protocol (MSL), which they describe as ‘A Modern Take on Securing Communication’. The project is available on github under the Apache 2.0 license, with implementations in Java and JavaScript. The high level goals of the protocol are to improve performance, be cross language, flexible and extensible, […]
Filed under: InfoQ news, security | Leave a Comment
Tags: MSL, Netflix, open source, PKI, SSL, tls
CloudFlare have made SSL available to all free subscribers to its content delivery network (CDN) with Universal SSL. The move addresses both cost and complexity issues that have previously confronted web site and application owners wanting to deploy SSL. CloudFlare takes care of issuing a certificate at no cost to the end user, and enabling […]
Filed under: InfoQ news, security | Leave a Comment
Tags: CA, CDN, certificate, CloudFlare, security, SSL, tls, web
Chris Swan's Weblog 