Integrations

An explanation of role-based access control (RBAC) in Kubernetes, why it is hard to manage manually and practical strategies for simplifying RBAC in large-scale clusters.

On an unmodified MySQL install, the root user account does not have a password. This is extremely insecure! As a systems administrator, we know that the easiest way to compromise a system is using the default unchanged password with admin privileges.

Abstract-away usernames and passwords and allow the systems administrator to keep the master passwords safe under lock & key.

SSH audit logs allow you to determine, either retroactively or in real-time, when an unauthorized or destructive action was taken, and by whom.

Should application developers have access to production database systems? This is a question as old as Vampires and Werewolves.

So you’re ready to move away VPN or from complicated user management like LDAP, ready to stop worrying about private keys existing on developer laptops, and ready to up your compliance game with audit trails on all of your SSH and database sessions.

Gone are the days of sharing AWS root account credentials in a shared 1Password vault or worse, via email. With this in mind, one of the first steps to securing our AWS account is setting up AWS IAM.

Managing RBAC in a way that’s suitable to the size of your company is confusing and overwhelming. Before speeding to implementing policy, it’s worth figuring out what problems RBAC is actually trying to solve.

While primarily geared towards developers, PostgreSQL is also designed to help system administrators safely and robustly store information in databases. In this post, we will demonstrate how to install a PostgreSQL database and then configure Active Directory users to authenticate to it.

There are a number of ways to automate user provisioning but the real challenge lies in keeping track of those credentials.

Joel Fulton is the Chief Information Security Officer for Splunk. At Splunk, they've put effort into transforming their organization from a waterfall approach to agile, to now a DevSecOps approach.

SOC 2 compliance, like so many things related to IT and security, is chock full of terms and acronyms to learn. If you are just getting started with SOC 2, it’s helpful to get familiar with this alphabet soup ahead of time so you can move your compliance efforts forward with confidence. Below is a SOC 2 terminology glossary to get you started: