«

The three container security golden rules

As containers became a standard in IT applications, enumerating a few security best practices is now a business need. Therefore I’ve defined those three golden rules to keep in mind before pushing a new image for production to your company container repository. I Careful with share volumes you will be Contrary to a Virtual Machine, a Docker container uses the host kernel directly, so in case of a kernel vulnerability restricted permissions on shared resources won’t protect you from an attacker.…

Read more »

Ship your Applicative log files anywhere

As I recently had to manage an integration project for the Security Operation Center service of a big company, I had to configure applicative logs forwarding to the nearest SIEM syslog collector for each service included in the scope. I’ve found that the rsyslog agent is usually preinstalled in any Unix distribution with default operating system log folders configured out of the box so that the system log forwarding is most of the time almost as simple as service rsyslog start 1.…

Read more »