Let me just cut straight to it: I'm going to open source the Have I Been Pwned code base. The decision has been a while coming and it took a failed M&A process to get here, but the code will be turned over to the public for the
Twitter was thrown into chaos on Wednesday after accounts for some of the world's most recognizable public figures, executives and celebrities started tweeting out links to bitcoin scams. Twitter says the attack happened because someone tricked or coerced an employee into providing access to internal Twitter administrative tools. This post is an attempt to lay…
Dockle - Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start
Krane is a simple Kubernetes RBAC static analysis tool. It identifies potential security risks in K8s RBAC design and makes suggestions on how to mitigate them. Krane dashboard presents current RBAC security posture and lets you navigate through its definition.
Red Hat's flatpak has been getting a lot of attention lately, it's the self-proclaimed new way of distributing desktop applications on Linux. It's secure they say ...
Check End of Life of php, python, ubuntu, alpine, laravel, debian, centos, django, .NET, fedora, iphone, redhat, postgres, ruby, windows, Node.js, mariadb, laravel, java etc at one place. Verify whether your application needs an update, or if you need to upgrade your device.
Intel's speculative execution flaws go deeper and are harder to fix than we thought.
Lynis is a security auditing tool for systems based on UNIX like Linux, macOS, BSD, and others. It performs an in-depth security scan and runs on the system itself. The primary goal is to test security defenses and provide tips for further system hardening. It will also scan for general system information, vulnerable software packages, and possible configuration issues. Lynis was commonly used by system administrators and auditors to assess the security defenses of their systems. Besides the "blue team," nowadays penetration testers also have Lynis in their toolkit.
A Simple and Comprehensive Vulnerability Scanner for Containers, Suitable for CI.
Thunderspy targets devices with a Thunderbolt port. If your computer has such a port, an attacker who gets brief physical access to it can read and copy all your data, even if your drive is encrypted and your computer is locked or set to sleep.
cloud native software supply chain ☁️🔗.
OpenSK is an open-source implementation for security keys written in Rust that supports both FIDO U2F and FIDO2 standards.
Karydia is a security add-on for Kubernetes, which helps you follow good security practices by inverting insecure default settings in Kubernetes.
The ultimate Kubernetes security tools list: Image scanning, container compliance, runtime security, e2e commercial platforms, network security and more
CScanner scans your cloud accounts for potential security problems.
An open source identity access proxy.
Quantify risk for Kubernetes resources
This is the penultimate article in a series entitled Securing Kubernetes for Cloud Native Applications, and follows our discussion about securing the important components of a cluster, such as the API server and Kubelet. In this article, we’re going to...
A tool for scanning a Kubernetes cluster for risky permissions in Kubernetes's Role-based access control (RBAC) authorization model.