Managing Kubernetes seccomp profiles with security profiles operator
Seccomp allows you to limit the syscalls a process can make, reducing its attack surface. In this post, Lachlan Evenson describes how Kubernetes admins can use the security profiles operator to ease creating and managing seccomp profiles for their clusters, including how to monitor a pod and automatically create a seccomp profile for it based on its behavior. Neat!
A Kubernetes engineer’s guide to mTLS
This guide by Buoyant’s William Morgan is probably one of the better overviews of mTLS in general - when it’s useful, what it gets you, why it’s hard, etc. The post concludes with how to easily add mTLS to your Kubernetes cluster in 5 minutes using Linkerd.
A basic phishing kit scanner that will search directories and locate phishing kits based on established markers, by Steve Ragan.
Elastic on Elastic: Deep dive into our SIEM architecture
Elastic’s Aaron Jewitt describes how Elastic’s detection and analytics team uses Elastic to secure their company, including storing different types of data in different clusters, cross cluster search, and more.
Black Hat Rust
Upcoming book by Sylvain Kerkour covering topics like reconnaissance (multi-threaded attack surface discovery), exploitation (writing shellcode in Rust), building a modern RAT in Rust, and more.
Politics / Privacy
Pfizer ‘variant hunters’ race to stay ahead of the Covid-19 pandemic
Some neat insight into the Pfizer team tracking variants and vaccine effectiveness.
Silicon Valley’s Optimization Mindset Sets Us Up for Failure
Tech companies tend to prioritize metrics that can be easily measured, like clicks, screen time, etc., while other admirable goals like increasing human flourishing or promoting freedom or equality are not.
The desire to optimize can favor some values over others. And the choice of which values to favor, and which to sacrifice, are made by the optimizers who then impose those values on the rest of us when their creations reach great scale.
For example, consider that Facebook’s decisions about how content gets moderated or who loses their accounts are the rules of expression for more than three billion people on the platform.
The small and anomalous group of human beings at these companies create, tweak, and optimize technology based on their notions of how it ought to be better. Their vision and their values about technology are remaking our individual lives and societies. As a result, the problems with the optimization mindset have become our problems, too.
A Good Movie to Watch
Find great movies to watch on various streaming platforms.
You Can Make a Netflix Style Doco About Literally Anything
Using a handful of the right equipment and stylistic choices.
The Rise of a Different Work-from-Home
a16z’s Jeff Jordan argues that many houses have assets that are poorly utilized, and that we’ll see more of these rented out via the sharing economy in the future.
An absolutely excellent post about how the Netflix Studios team scaled security and increased developer productivity by partnering with the Cloud Gateway team to embed strong authentication and other security wins into a common gateway service.
The post contains some great discussion about the thought process and approach that went into it, and how to get widespread organic developer adoption of security tooling without being able to mandate it.
If you’re interested in being a modern security team that “builds,” empowers developers, and truly scales security, consider this post a must read.
Here are some quotes I particularly liked:
Overall, we cannot overstate the value of organizationally committing to a single paved road product to handle these kinds of concerns.
The difference between 2–4 “right-ish” ways and a single paved road one is powerful.
If you can do one thing to manage a large product security portfolio, do bulletproof authentication; preferably as a property of the architecture.
“Productizing” a capability (eg: clearly articulated; defined value proposition; branded; measured), even for internal tools, is useful to drive adoption and find further value.
Hitch the security wagon to developer productivity.