Security

Cybersecurity, zero trust, compliance, vulnerability management, and security best practices

Security, Tutorials

Container Image Security Scanning with Trivy — Automating Vulnerability Detection in CI/CD Pipelines

Introduction: Container images are the building blocks of modern cloud-native applications, but they often ship with known vulnerabilities in base images, system packages, or application dependencies. A single unpatched CVE can expose your entire infrastructure to remote code execution, data breaches, or denial-of-service attacks. In this tutorial, you’ll learn how to: Install and configure Trivy […]

Security

Zero Trust Networking with Cilium

Introduction [Figure: Cilium Zero Trust Architecture. Kubernetes cluster with Worker Node 1 (Frontend, API, DB) and Worker Node 2 (Auth Service, Catalog, Cache), each with a Cilium Agent (eBPF) for policy enforcement; WireGuard encrypted; Hubble observability (service map, flows, DNS); Cilium Network Policy (identity-based, L7, FQDN); K8s API Server with CRD CiliumNetworkPolicy.]

Security

Implementing Secrets Management in Kubernetes with External Secrets Operator and AWS Secrets Manager

Introduction: Managing sensitive data such as API keys, database passwords, and TLS certificates is one of the most critical security challenges in cloud-native environments. While Kubernetes provides native Secret objects, these are only base64-encoded — not truly encrypted — and managing them at scale across multiple clusters becomes unmanageable. Storing secrets in Git repositories, even
