Collaborate Disseminate
Does free Snyk detect CVE in a downloaded embedded Tomcat 9.0.55 image/container?
"Dockerfile":
ADD file:* in /
CMD ["/bin/sh"]
ENV JAVA_HOME=/opt/java/openjdk
ENV PATH=/opt/java/openjdk/bin:/usr/local/sbin:/usr/local/b… Continue reading Does free Snyk detect CVE in a downloaded embedded Tomcat? [closed]
This is likely a naïve question, but I’d really appreciate to receive any pointers:
Problem: Users send jobs to a scheduler system such as SLURM, airflow or kubeflow. A job is a docker container plus some input parameters. Some of these in… Continue reading How to pass secret parameters to job schedulers (e.g. SLURM, airflow, kubeflow)?
My understanding of containers is very basic and so is my understanding of AWS EC2. Recently while trying to debug a security issue, I came across a scenario where I was able to gain an RCE. Whether this RCE was in a container or on the EC… Continue reading Why am I able to access EC2 metadata endpoint from within a Docker container running in the EC2
Jack Wallen shows you how to spin up a MongoDB container as a Docker container for your development needs.
The post How to deploy MongoDB as a Docker container appeared first on TechRepublic.
Continue reading How to deploy MongoDB as a Docker container
When in need of any tool to get a job done quickly, or only for a small number of times, it’s great to have a local “discount tool” company locally …read more Continue reading Organizational Inspiration From the Discount Tool Company
Jack Wallen tests out the new Super Container OS and comes away seriously impressed.
The post Super Container OS is a great option for container deployments appeared first on TechRepublic.
Continue reading Super Container OS is a great option for container deployments
I am fairly new to container image vulnerability scanning. There seem to be a lot of tools (Snyk, Trivvy, Clair, e.g.) that can identify vulnerable packages in container images. They also do a good job identifying the fix version for the i… Continue reading What is the easiest way to find non-vulnerable container images?
I am doing some security research on Kubernetes and I found something still mysterious to me, concerning capabilities.
Example of simple pod:
apiVersion: v1
kind: Pod
metadata:
name: my-pod-httpd
spec:
containers:
– name: my-pod-http… Continue reading Capabilities DROP in container of Kubernetes pod running with specific UID
I know how to get repositories, we can use
az acr repository list –name myregistry.
But, how to get repositories with tags that are having security/vulnerability issues after security scans using azure cli?
Continue reading How to get list of azure container images which are affected after security scans?
I have a docker container that I run by adding the extra privilege of CAP_NET_ADMIN in addition to the default ones. If I don’t share the host net namespace with the container, the host namespace is not visible from inside the container wh… Continue reading Can a container with CAP_NET_ADMIN access the host namespace