Tag: security

47 How can I manage secrets in .tf and .tfstate? 2017-02-28T18:14:01.187

42 What are best and comprehensive practices to consider when running docker in production? 2017-09-07T05:16:48.140

24 Where to put ansible-vault password 2018-02-07T10:47:30.047

19 What Is SecOps? 2017-03-27T13:15:15.157

14 How to prohibit access to internals of Docker container? 2017-05-06T09:45:55.890

11 How should I store credentials my application needs? 2017-03-01T19:54:48.860

11 Is it bad to use sudo from Jenkins? 2017-10-18T19:03:49.087

10 Storing encrypted secrets in code for a serverless.com project 2017-03-17T09:11:17.047

10 Open Ports on Google Cloud Load Balancer 2017-04-10T19:04:14.837

7 How to only allow API Gateway requests to reach our EC2 instances 2017-03-03T01:31:39.423

7 What strategies can be employed to secure sensitive data in log files? 2017-03-18T10:59:17.450

7 Ansible - private git repositories - SSH agent forwarding vs copying private SSH key 2017-09-15T18:00:16.717

7 Running unmanaged Hardware Security Modules (HSMs) in the Cloud 2017-12-01T12:36:58.623

6 Running the docker daemon without root 2017-09-07T21:47:11.683

6 When your micro service in production needs a secret, where is the secret stored and retrieved from? 2018-03-18T09:14:31.943

5 Securing communication between cloud VMs without private networks. Any strategy besides building own VPN? Spiped? 2019-04-16T15:32:55.137

4 Docker Sign an Image with an existing Certificate 2017-08-29T15:27:28.883

4 Docker MongoDB image - How to specify credentials other than in the compose file? 2018-03-10T00:39:54.517

4 Docker security risks passing secrets over environment variables 2018-09-28T08:23:44.993

3 Docker Security Scanning: How to integrate Clair with a docker private registry? 2017-09-19T07:56:01.997

3 Is it possible to securely delete a file from a virtual disk in a cloud provider? 2018-01-23T14:54:54.070

3 How to list security groups for the specific instance via CLI? 2018-02-07T17:36:16.690

3 Mitigating Maven Central risks as seen from the DevSecOps perspective 2018-02-27T08:36:02.743

3 Encrypted at rest persistent volume in kubernetes? 2018-04-16T12:39:18.437

3 How to securely pass sensitive data to EC2 Spot instances? 2019-02-22T06:15:58.683

2 Sharing Gems between Chef and System Ruby 2017-10-07T15:53:44.780

2 Real-World Validating the Integrity of a Docker Container 2017-12-14T19:07:57.657

2 Issue integrating acunetix with jenkins 2018-01-18T16:42:43.380

2 How do you know which secrets and credentials of your production services were used, and by whom/what? 2018-03-18T10:47:27.147

2 Bad practice having a single SSH gateway with access to all environments? 2018-07-11T21:10:53.630

2 Context of DevOps in ISO 27001 security audits 2018-12-05T10:33:45.087

2 Accessing TPM from inside a Docker Container 2019-07-01T12:51:43.740

2 Azure Security Center with Ubuntu 19 2019-07-06T21:21:29.980

2 Restrict user logon in Jenkins 2019-08-02T12:27:26.760

2 Provide customers with access to Azure Container Registry 2019-10-05T12:55:28.127

2 What are the best practices for anti-virus / anti-malware when using containers? 2019-11-07T18:56:21.927

2 How to verify hashes of Ansible Galaxy dependencies? 2019-11-18T10:47:58.580

1 What are known component intelligence tools? 2017-05-18T09:35:25.333

1 What tool is able to analyze images by connecting to clair? 2017-09-19T09:24:10.140

1 terraform chef provisioning - cannot validate certificate for because it doesn't contain any IP SANs 2018-01-23T20:46:58.760

1 How do you change a secret that half of your production applications use right now? 2018-03-18T09:56:05.313

1 Does the Chef bash resource create history entries? 2018-04-25T15:16:07.077

1 Possibility of container breakout compared to VM (virtual machines) 2018-07-05T12:33:44.147

1 How to avoid an avalanche of images in Openshift when security patches keep coming in? 2018-07-30T16:59:52.043

1 MFA for Artifactory Cloud 2018-07-30T23:03:28.710

1 Error during setup of clairctl for container scanning with clair 2018-09-20T04:55:55.310

1 How can you pass private environment variables to FARGATE tasks specified from a Docker Compose config 2018-12-14T00:31:44.740

1 What are the security loopholes closed by introducing Istio 2018-12-14T11:51:50.490

1 How to setup external service (keycloak) to protect an app in kubernetes? 2018-12-21T15:13:16.670

1 How to securely distribute and use Nexus credentials? 2019-01-27T14:03:24.587

1 How can I expose port 3389 using a secure approach 2019-05-30T22:21:13.377

1 Are using TestContainers safe for integration tests? 2019-07-15T16:25:04.243

1 Mitigating Docker Compliance Issues - Can I put everything in the `daemon.json`? 2019-09-17T19:12:29.990

1 Assign Directory Read/Write Privileges to Azure Service Principal from the command line? 2019-11-20T17:36:01.470

0 How do I launch Lambda in my own VPC? 2017-06-22T07:52:53.973

0 Kubernetes user mode in production 2017-09-21T07:23:41.147

0 From a security perspective, to which location should one copy an app inside a docker image? 2018-02-11T13:21:16.783

0 What are best practices for securing connections between CI and artifact managers in the cloud? 2018-05-16T20:30:25.147

0 Understanding and tweaking AWS policies for job functions 2018-10-16T09:01:57.163

0 What is the most common server permission policy for web application deployment? 2019-06-17T02:45:12.917

0 How to make sure the storage of an AWS isn't accessible without a private ssh key? 2019-07-25T12:12:29.390

0 Securely saving AZURE_STORAGE_KEY and storage account name in Linux systems 2019-08-09T19:50:15.433

0 Per machine credentials for privileges escalation using AWX 2019-08-27T09:04:16.607

0 Recomendation for automated rotation of a JSON keyring? 2019-09-05T17:04:47.663

-1 AWS IAM policy and reduce access to only the latest services used 2019-06-10T11:39:55.387

-3 How can CaaS, PaaS, and FaaS users know if the operating system of their server environment is of the newest release? 2018-12-11T17:58:45.773