Cloud Security Operations

Cloud Security

Cloud Security

Restrict Ingress/Egress Traffic Label Selectors – OPA Gatekeeper NetworkPolicy Guardrail (Part 3)

In this series of blog posts, we will be looking at using OPA Gatekeeper as the admission controller for our Kubernetes cluster. We will be focusing specifically on creating Gatekeeper policies for networking inside the Kubernetes cluster. This article assumes that you are already familiar with installing OPA gatekeeper as Read more…

By Siddharth, 5 days ago
Cloud Security

OPA Gatekeeper Restrict Namespaces for Pod Networking – OPA Gatekeeper NetworkPolicy Guardrail (Part 2)

In this series of blog posts, we will be looking at deploying OPA Gatekeeper as the admission controller for our Kubernetes cluster. We will be focusing specifically on creating Gatekeeper policies for implementing Network Policy inside the Kubernetes cluster. This article assumes that you are already familiar with installing OPA Read more…

By Siddharth, 5 days ago
Cloud Security

Restrict NetworkPolicy Management to Specific Users – OPA Gatekeeper Network Policy Guard rails (Part 1)

In this series of blog posts, we will be looking at deploying OPA Gatekeeper as the admission controller for our Kubernetes cluster. We will be focusing specifically on creating Gatekeeper Network Policy inside the Kubernetes cluster. If you want to push the Gatekeeper audit logs to EFK, you can read Read more…

By Siddharth, 5 days ago
Cloud Security

A Series of Blog Posts on using OPA Policies & Gatekeeper for Kubernetes Security

Introduction No matter what we own, one thing that we always love to do is to customize it. We do it to either make them look and feel the way we want or to have a better sense of control over them. That small nudge to tweak things does always Read more…

By Setu, 2 weeks5 days ago
Cloud Security

Block “Latest” Image Tag – OPA Gatekeeper CI/CD Guardrail (Part 1)

Introduction In this article, we’ll see how we can block “latest” image tag, that is, denying the use of images with the “latest” tag. Yes! You read it right. But why block the “latest” tag? We’ll see that below. What’s wrong with the “latest” tag? We’ll understand this with the Read more…

By Vishal, 2 weeks2 days ago
Cloud Security

Require Trusted Image Repositories and Hardened Images – OPA Gatekeeper CI/CD Guardrail (Part 2)

Introduction This post is about the policy that we’ll use to restrict the use of images only from trusted repositories and the reason to require trusted image repos in an organization. Why do we need this policy? One reason to use an image from a trusted repository is because all Read more…

By Vishal, 2 weeks2 days ago
Cloud Security

Deny Pod Exec Resource – OPA Gatekeeper Pod Security Guardrail (Part 4)

Introduction This is the last post in this series about OPA policies under the category “CI/CD and Secure Configurations”. This is not related to OPA and is quite different from the other articles. We’ll look into a policy to deny the pod “exec” resource to prevent unauthorized users from running Read more…

By Vishal, 2 weeks2 days ago
Cloud Security

Deny Unauthorized Host Paths – OPA Gatekeeper Pod Security Guardrail (Part 1)

Introduction This series of blog posts is all about OPA policies for securing CI/CD and pod configuration. We’ll be looking at the various policies and why we need them in our organizations. Open Policy Agent (OPA) is a policy engine that is used to implement policies and Read more…

By Vishal, 1 month2 days ago
Cloud Security

Auditing AWS Environments for HIPAA Compliance

Introduction CloudSploit is an AWS compliance, security and configuration monitoring scanner which is the first of its kind. It is an open source project designed to detect security risks in AWS. CloudSploit Scans is built as a NodeJS script that works in two phases: collection and scanning. After a successful run, Read more…

By Setu, 3 years2 years ago
Amazon Web Services

AWS Post Exploitation – Part 1

What is AWS Post exploitation? Post exploitation is required when you’ve successfully compromised a particular target. The purpose of the AWS Post Exploitation phase is to determine the value of the account compromised and to maintain control of the account for later use. The value of the account is determined by Read more…

By Setu, 3 years2 years ago
