Kubernetes authentication presents a unique challenge. While Kubernetes defines the concepts of both user accounts and service accounts natively, it doesn’t provide us with a single, built-in method for authenticating those accounts. Instead, we must choose from a variety of techniques involving third-party tools or resources to perform Kubernetes cluster authentication.
Managing Access to Ephemeral Infrastructure At Scale
Managing a static fleet of strongDM servers is dead simple. You create the server in the strongDM console, place the public key file on the box, and it’s done! This scales really well for small deployments, but as your fleet grows, the burden of manual tasks grows with it.
How to Change the MySQL root Password
On an unmodified MySQL install, the root user account does not have a password. This is extremely insecure! As a systems administrator, we know that the easiest way to compromise a system is using the default unchanged password with admin privileges.
How to create a Linux bastion host and log SSH commands Part 3 | A step-by-step tutorial
Want to secure remote access to a private network? In this series of technical posts, we will share step-by-step instructions to create a Linux bastion host and create an audit trail by logging SSH commands.
SSH Audits Made Simple
If you work with systems that run any variety of Linux or BSD then the probability is high that you have dealt with SSH. Invented in 1995 and established as an internet standard by the IETF in 2006, Secure Shell has become the default mechanism for remote access to servers by individuals and teams everywhere.
Everything You Need to Know About SOC 2 Audits
Whether you’re looking to achieve SOC 2 compliance, or just want to learn more about it, your Googling is bound to lead you to a wealth of articles chock full of buzzwords and acronym soup. In this post, we will provide a guide with definitions, links and resources to gain a solid understanding of everything you need to know about SOC 2 audits.
The Definitive Guide to SOC 2 Policy Frameworks
If this is your first time pursuing SOC 2 certification, you will quickly find that documentation is the cornerstone of a successful audit. Writing clear, concise policies is especially critical, and if you don’t currently have a policy structure in place, it can be difficult to figure out which policies you need.
A Practical Approach to Just-in-Time Access for Developers
You're the DBA or maybe the Sysadmin at your company. Whatever your title, you’re the gatekeeper, and the key master for your company's database servers.
strongDM for Admins — Getting Started
You’ve done it— you’ve taken the plunge. You’re ready to move away from complicated user management like LDAP, ready to stop worrying about private keys existing on developer laptops, and ready to up your compliance game with audit trails all of your SSH and database sessions.
Software Development Lifecycle Policy | A Practical Guide to SOC2
A software development lifecycle (SDLC) policy helps your company not suffer a similar fate by ensuring software goes through a testing process, is built as securely as possible, and that all development work is compliant as it relates to any regulatory guidelines and business needs.Here are some primary topics your software development lifecycle policy and software development methodology should cover
How To: Remove Developers from the AWS Console
Gone are the days of sharing AWS root account credentials in a shared 1Password vault. Or worse, via email. With this in mind, one of the first steps to securing our AWS account is setting up AWS IAM.
1 / 5
Connect your first server or database in 5 minutes. No kidding.
"When strongDM said deployment would take an hour, I assumed they were full of it and blocked out a full day. We finished in 45 minutes." - Peter Tormey, Manager DataOps, SoFi