Running your workloads on Kubernetes (k8s) is becoming a de facto standard for many companies building software. The usual steps involve building software, running tests, building a container, hopefully doing some security scanning in the process, pushing to the registry, and deploying.
Blog
Occamslabs sharing insights about cloud security
-
Kubernetes and Supply Chain Security
Supplychain Security Kubernetes August 11, 2023
-
Vulnerability vs. Supply Chain Attack
Supplychain Security August 07, 2023
A vulnerability is usually an unintended software bug that opens an attack angle for a malicious actor. The good thing about an open-source project is that the bigger the project, the more eyes are on it, and the more likely it is that these vulnerabilities will surface and be fixed fast. In smaller or dormant projects, this is usually not the case.
-
Supply Chains and Lock Files
Supplychain Security August 01, 2023
A supply chain attack is when one or more of the dependencies in your application have been compromised, and some “bad code” that is intended to harm you is running on your systems and applications. These kinds of attacks are becoming more common and more sophisticated.