Collaborate Disseminate
For parents and families, the thought of someone gaining access to sensitive information can be nothing short of a nightmare. However, one group of developers are on a mission to empower families to take their privacy into their own hands. IceWhale Tec… Continue reading CasaOS: Open-source home cloud based on the Docker ecosystem
I want to create a docker on some machine with pre-configured users and passwords.
If I copy or mirror some files into the docker container, will the users be configured there as well, with their same old passwords?
If so – which files/fol… Continue reading Can I copy all users and passwords from a host machine to a docker running on it? [migrated]
CIS has published a list of container vulnerabilities that should be addressed to complete the hardening process.
Are there separate sets of tools that only point out the vulnerabilities
and then tools that "fix" the vulnerabili… Continue reading Tools for "scanning" container (hardening) vulnerabilities vs tools for "performing" the hardening [closed]
What are the security implications of using HTTP only for IPC for services within the same host?
In my case, I am using docker-compose to host two ASP.NET Core services within the same host in Azure.
One proxy service and one web API servi… Continue reading Security implications of using HTTP for service to service communication within the same host [duplicate]
I always thought that when I build the Dockerfile for my application, the latest version of the base image is downloaded from the registry (and in this way I have a fresh version with all the security patches in the base image).
However I … Continue reading Is the Docker cache a security risk due to stale base images?
Fugue announced support for Kubernetes security prior to deployment. Using policy as code automation built on the open source Regula policy engine, Fugue provides a unified platform for securing infrastructure as code (IaC) and cloud runtime environmen… Continue reading Fugue adds Kubernetes security checks for securing IaC and cloud runtime environments
Fugue announced Fugue IaC, a unified platform for securing infrastructure as code (IaC) and cloud runtime environments using a single set of policies. Powered by a Unified Policy Engine, Fugue IaC saves cloud teams significant time and ensures consiste… Continue reading Fugue IaC platform empowers cloud teams to eliminate security gaps
I’m looking to profile a service running inside a specific docker container. I went through the documentation of aa-genprof and aa-autodep and both take program as input to profile. I can’t seem to find a way to point those programs to pro… Continue reading Getting apparmor to profile a program inside docker container
Lacework released its cloud threat report, unveiling the new techniques and avenues cybercriminals are infiltrating to profit from businesses. The rapid shift of applications and infrastructure to the cloud creates gaps in the security posture of organ… Continue reading Enterprising criminals are selling direct access to cloud accounts
Perforce Software announced its new universal package manager, Helix Artifacts. Helix Artifacts allows Helix Core users to capitalize on their Perforce investment by storing, versioning, and delivering source code and development artifacts from a singl… Continue reading Perforce Helix Artifacts streamlines development workflow complexity and reduces costs