We'll be running our container security and hacking workshop again at Steelcon this year, looking forward to it.

If you're interested in Docker/Kubernetes/Security get your ticket booked before they sell out!

We’re putting security above all else at Microsoft by expanding the Secure Future Initiative—our commitment to delivering solutions that meet the highest possible security standards. Learn more: msft.it/6017YRK9U #SecureByDesign #CloudSecurity

We've got a new vacancy in the Datadog, Inc. security advocacy team. If you're in the US (The role is remote friendly) and like all things Appsec, come work with us! careers.datadoghq.com/detail/5730829…

I wrote a new blog post✍️:

Container Runtime Interface streaming explained
k8s.io/blog/2024/05/0…

We're diving into the implementation details, the history and background decisions of the CRI Streaming server to build up a better understanding of #Kubernetes internals. 😊

Two left.

If they aren't sold by the time I get up, there will be trouble!

😅 Fun with Kubernetes Authorization Auditing

Rory McCune on the complexity of auditing permissions in Kubernetes clusters with multiple authorizers

→ Review each authz system and look at permissions granted
→ Automated tools will likely miss things

raesene.github.io/blog/2024/04/2…

Ed Balls

Don't look now... but 40 Linux Kernel issues from a 3 month period (most in Sep) in 2022 got assignments and published today. Anyone want to do the math to figure out how many CVE IDs they will publish if they do this historically? =) (cc Brad Spengler)

Help Duffie cross 10k!!!!!

Heard the exciting news? Datadog is attending #AWSSummit London at booth #D3 ! Stop by and we’ll show you how Datadog provides complete visibility into your AWS applications and infrastructure. You can also snag a free t-shirt or enter our Apple AirPods Max raffle.

A lovely piece by Jimmy McIntosh on what's next for London's pubs politicshome.com/thehouse/artic…

A quick blog on some of the complexities of auditing #Kubernetes authorization where there are multiple Authorization modes enabled raesene.github.io/blog/2024/04/2…

A fantastic way to prove you support women in tech is to threaten to sue a young woman in tech like this. Amazing marketing strategy that definitely makes me want to do business with you and your company! Great job, Qovery team! 👍👍

So my wife's got a Monzo card she only uses infrequently. We go to check it today and there's a *load* of obviously dodgy roblox and other charges on it going back some months.

Really surprised that their fraud systems didn't catch this and block the card, the pattern is clear.

If you don't have eligible photo ID, you can't vote in the upcoming elections on 2 May.

However, you CAN get a free Voter Authority Certificate instead, if you apply by Wednesday 24 April.

Know someone without internet access? Spread the word ⬇️

moneysavingexpert.com/family/uk-elec…

Read our 2024 State of DevSecOps study! We analyzed data from thousands of cloud environments, and tens of thousands of applications and container images, to understand trends in application security posture and adoption of DevSecOps best practices: dtdg.co/devsecops2024-x

David is a lovely human being who runs his own training business teaching others his container expertise, and their offices just burned down. He needs a new job and some community love, stat.

Who’s hiring container/K8s experts who are good at teaching right now? Can you help?

New from Datadog Security Research! We found a vulnerability in AWS Amplify that exposed IAM roles associated with Amplify projects, making them assumable by anyone in the world! Both the Amplify CLI and Studio had this behavior.
securitylabs.datadoghq.com/articles/ampli…

🚨 I'm super excited to announce the project I've been pouring all of my free time into this past month.

The Kubenomicon: An open source offensive security focused threat matrix for kubernetes with an emphasis on walking through how to exploit each attack. Get more info below!

Day 1 of #GoogleCloudNext ! Looking forward to seeing some talks and meeting folks. I'll be speaking about security observability on Thursday, so if you're tired of all the AI talks by then come by my session at 09:45 cloud.withgoogle.com/next/session-l…