“Complexity is the worst enemy of security, and our systems are getting more complex all the time.”
—— Bruce Schneier, Data and Goliath
cl0udn41v3, the place on the Internet focusing on cloud native security
topics including but not limited to Kubernetes and serverless offerings such as AWS Lambda.
I plan to do an episode roughly every two weeks, travel allowing, and each episode has two parts:
- Updates on cloud native breaches, CVEs, attacks, incidents, for example: the Tesla hack.
- A hands-on part, aka the hack of the day, where I will demo something.
For now, there are two things you can do: 1. spread the word, and 2. if you have anything to share that’s in scope, please drop me a line.
And here’s the Twitch stream for you to bookmark:
Place I keep an eye on to learn about new developments and reports (and again, please lemme know which others you think are worth it):
- threat post
- Dark Reading
- AWS security bulletin
- Azure Security Advisories and Bulletins
- Google Kubernetes Engine Security Bulletins
Resources I recommend to read and/or watch to have a good understanding of the background, terms, technologies, and methods:
- Zero Trust Networks
- Kubernetes Security
- AWS Cloud Security
- AWS Lambda Security Best Practices
- Azure Security Documentation
- Google Cloud’s security model
- PureSec’s Serverless Security blog
I’ve been reading Bruce Schneier’s “Click Here to Kill Everybody” and this motivated me to start thinking more about how we’re doing concerning security in cloud native land. Already when Liz and I were working on the Kubernetes Security book I got more and more interested in attack vectors and good practices around container security, but Schneier’s book really caused me to get my act together and do something about it, proactively. So, yeah, might be that the one or other script kiddy is motivated by this site and this is a risk I gotta take. But my hope is that you, the cloud native practitioner, tune in here from time to time to stay up-to-date on security topics across the cloud native landscape (from containers to Kubernetes to Function-as-a-Service offerings). I believe that together we can tackle the threats the Internet+ (well, read the Schneier book ;) poses!
Michael Hausenblas, Ireland, © 2018.