by Stephen Kuenzli | Jul 1, 2019 | AWS, Cloud, Security
Reading Time: 5 minutes A Leak, Daan Mooij A large ‘leak’ of Attunity customers’ data (Upguard) became public last week. Attunity is a ‘Data Integration and Big Data Management’ service that is (or was) ‘Trusted by Half the Fortune... by Stephen Kuenzli | Jun 26, 2019 | AWS, Cloud
Reading Time: 3 minutes Can anyone ssh into an instance in this VPC via a route other than our bastion? Are any of our objects stored in S3 publicly readable? Writable? Helping customers answer these questions in the general case and preventing bad configurations from... 
by Stephen Kuenzli | Jun 24, 2019 | Docker, Security
Reading Time: 7 minutes Last week I described what application containers are and the problems they solve. Today, I’d like to describe some practices for running Docker application containers more securely. We’ll use the cute-and-fun, but maybe not so... 
by Stephen Kuenzli | Jun 21, 2019 | Secrets, Security
Spidey sense I’ve completed the first pass of analysis and 80% of the write-up for the Secret Delivery Process and Usage Research data and something interesting popped-up. There might be a relationship between an easy to measure factor that I’ll leave... 
by Stephen Kuenzli | Jun 19, 2019 | DevOps, Docker
Avg Reading Time: 5 minutes An application container is an isolated, resource-limited application execution context by host OS that has been unpacked and configured from an image. That’s a highly technical definition that I’ll break down shortly, but... 