TLDR; * When it comes to asset management, always start from outside in, like DNS, to understand your dangling subdomains or public IPs, which are sort of overexposed and work your work towards inside of your infrastructure. * For asset inventory, get data from multiple sources so that you can use that
August 25, 2023
Host: Welcome to the final chapter of Kubernetes Learning series. In part one we learned about Kubernetes and workloads in general along with some open-source tools. In part two we learned about approaches for attacking Kubernetes clusters from a red teaming perspective and also understanding attackers mindset while exploiting clusters.
August 04, 2023
TLDR; * First Security hire for an organization should be a Generalist and has necessary soft skills to work with other teams to improve overall security. Soft Skills and Relationship building is key at the early stage of an organization. * Security Champions are important for a successful Security program implementation. Collaborate
July 28, 2023