#security (2020-04)

Archive: https://archive.sweetops.com/security/


ennio.trojani avatar

Hi all, I’m setting up ECR Image scanning on push for some images and I was wondering if anyone has a way how I could present the results in a better way other than having them on the AWS console. For example like exporting them to a S3 bucket. I’ve found this project but I’m not sure: https://github.com/aws-samples/amazon-ecr-continuous-scan Has anyone done something similar ?


Example container image re-scan with Amazon ECR. Contribute to aws-samples/amazon-ecr-continuous-scan development by creating an account on GitHub.

Steven avatar

It’s easy to get the scan results. They are just json. The trick is how to turn those into something visually easy to use. Haven’t seen any tools for that



Maciek Strömich avatar
Maciek Strömich
Flipper Zero — Multi-tool Device for Hackers. Lite version based on STM32 attachment image

Based on ultra low power STM32 MCU for daily hacking of access conrtol systems, radio protocols. Compatible with Arduino IDE and PlatformIO.


Exequiel Barrirero avatar
Exequiel Barrirero
Attack matrix for Kubernetes attachment image

While Kubernetes has many advantages, it also brings new security challenges.


btai avatar

anyone running any security agents in K8s?

Marcin Brański (Cloud Posse) avatar
Marcin Brański (Cloud Posse)

what exactly do you mean by security agents?

btai avatar

@Marcin Brański (Cloud Posse) general container runtime security and alerting on sudo command, kubectl exec into pods, etc.

btai avatar

whitelisted docker images

Marcin Brański (Cloud Posse) avatar
Marcin Brański (Cloud Posse)

Nope, not yet. But instead of alerting on kubectl exec or sudo I would just disallow that by default.