TLDR; * Detailed Understanding on particular capability with overview of entire architecture is very important from a Threat Modeling perspective. * Create Checklists to scale security in an organization. Involve all teams, and when possible invest and nurture a security champions program. * Security is a journey not a destination. Celebrate small wins.
September 08, 2023
TLDR; * When it comes to asset management, always start from outside in, like DNS, to understand your dangling subdomains or public IPs, which are sort of overexposed and work your work towards inside of your infrastructure. * For asset inventory, get data from multiple sources so that you can use that
August 25, 2023
Host: Welcome to the final chapter of Kubernetes Learning series. In part one we learned about Kubernetes and workloads in general along with some open-source tools. In part two we learned about approaches for attacking Kubernetes clusters from a red teaming perspective and also understanding attackers mindset while exploiting clusters.
August 04, 2023