Scott Lowe

FEBRUARY 17, 2023

Now if Denis’ site just had a discoverable RSS feed… Security Aeva Black and Gil Yehuda tackle the conundrum of open source security. The “Open Guide to Amazon Web Services” is probably a well-known resource, but in the event you haven’t heard of it or seen it referenced, you can find it here on GitHub.

Programming 96

Programming Policies Network Cloud 96

Phil Windley

DECEMBER 28, 2020

The strength of such an identity system based security overlay is derived from the security supporting these bindings. Figure 2: Binding of controller, authentication factors, and identifiers in identity systems. Programmers get the benefits of a trusted message system without need for expensive and difficult development.

Internet 135

Internet Network Architecture Security 135

Scott Lowe

JANUARY 15, 2021

The popular open source cryptography library known as Bouncy Castle has uncovered a severe authentication bypass vulnerability. Cormac Hogan shares some lessons learned using a Kubernetes Operator to query vSphere resources. Operating Systems/Applications. Compute safely.

Linux 60

Linux Firewall Open Source Vmware 60

Scott Lowe

MARCH 20, 2020

Chris Wahl touches on the topic of using GitHub personal tokens to authenticate to HashiCorp Vault. Operating Systems/Applications. Kornelis Sietsma looks at the options for working with multiple git identities on a single system. which brings support for v1alpha3). Virtualization.

Linux 60

Linux Vmware Authentication Storage 60

Scott Lowe

MAY 17, 2019

This article by Bob Killen provides a good foundation of information on understanding Kubernetes authentication (AuthN) and authorization (AuthZ; implemented via RBAC). Operating Systems/Applications. Cindy Sridharan has a good article on health checks and graceful degradation in distributed systems.

Linux 60

Linux Dell Licensing Open Source 60

Scott Lowe

OCTOBER 5, 2012

I came across this post on CloudFoundry’s User Account and Authentication Service (the UAA). Operating Systems/Applications. If you’re seeking more information on UAA, this looks like a good place to start. Cloud Computing/Cloud Management. Definitely worth reading, in my view. Anyone have any clarification here?

Storage 92

Storage Vmware Linux Virtualization 92

Scott Lowe

MAY 27, 2022

Along those lines, one of their latest articles discusses how to achieve identity-based mutual authentication leveraging eBPF. marks the first release of the open source container orchestration platform that is signed using Sigstore (more details here ). Operating Systems/Applications. Kubernetes 1.24 Programming.

Virtualization 79

Virtualization Storage Network Programming 79

Scott Lowe

JULY 5, 2019

As would be expected with any maturing open source project that is starting to see increased adoption, Kubernetes has seen its share of security vulnerabilities over the last couple of months. Lennart Koopmann provides a guide to Yubikey authentication in the real world. Operating Systems/Applications.

Storage 60

Storage Hardware Open Source Vmware 60

Scott Lowe

JANUARY 14, 2016

VMware open-sourced an identity and access management service called Lightwave ( project web site , GitHub repo ). First, he has a post on setting up a multi-node Lightwave domain ; once you have a Lightwave domain running, his post on enabling SSH to authenticate against Lightwave may be useful. Operating Systems/Applications.

Vmware 60

Vmware Devops Storage Linux 60

Scott Lowe

JANUARY 14, 2016

VMware open-sourced an identity and access management service called Lightwave ( project web site , GitHub repo ). First, he has a post on setting up a multi-node Lightwave domain ; once you have a Lightwave domain running, his post on enabling SSH to authenticate against Lightwave may be useful. Operating Systems/Applications.

Devops 60

Devops Vmware Storage Open Source 60

Scott Lowe

APRIL 17, 2017

One use case mentioned is Intuit’s use of Docker, and Golub points out that the person responsible for running Intuit’s systems is confident enough in their systems that they’re attending DockerCon on Tax Day (when as many as 25 million tax returns are expected to be processed). will use Moby for all of its own open source development.

Linux 60

Linux Open Source Windows Security 60

ForAllSecure

FEBRUARY 9, 2022

External vulnerability scans are performed by scanning the public internet for systems and networks that are publicly exposed. Authenticated Scans. Organizations can perform authenticated vulnerability scans to identify vulnerabilities in systems or networks that are not publicly exposed. Network vulnerability scan.

Authentication 40

Authentication Network Applications Operating Systems 40

Phil Windley

JANUARY 8, 2022

But Microsoft figured out how to recentralize the industry around a proprietary operating system. Identity is the ability to recognize, remember, and react to people, organizations, systems, and things. In the current web, companies employ many ponderous technological systems to perform those functions.

Applications 52

Applications System Software Software 52

Scott Lowe

JUNE 18, 2021

Sonia Cuff provides a set of links for detailed instructions on setting up VPN access from macOS to Microsoft Azure with Azure Active Directory authentication. Operating Systems/Applications. Michael Gasch has a nice post on git and using it to collaborate on an open source project.

Vmware 60

Vmware Hardware Load Balancer Apple 60

Scott Lowe

MARCH 2, 2020

Colleague and teammate Eric Shanks takes readers through what’s necessary to do Active Directory authentication for Kubernetes clusters. Operating Systems/Applications. Chip Zoller makes the argument in favor of running Kubernetes in/on virtual machines. Both are good articles.

Linux 60

Linux Windows Hardware Network 60

Linux Academy

MARCH 28, 2019

It is important to use security tooling such as OpenSCAP, the open source version of the Security Content Automation Protocol, to harden virtual machine images prior to their deployment in virtual private clouds. Vulnerabilities at the operating system level may be exploited by rogue container workloads if not hardened.

Policies 68

Policies Linux Virtualization Security 68

Scott Lowe

APRIL 21, 2016

Mike Foley recently published a two-part series on two factor authentication (2FA) for vSphere ( part 1 is here ; part 2 is here ). Operating Systems/Applications. Although it’s not feature-complete (by a long shot), VMware recently open-sourced version 0.1 Cloud Computing/Cloud Management.

Vmware 60

Vmware Linux Hardware Network 60

ForAllSecure

OCTOBER 29, 2020

Vamosi: Bowen’s public inquiry revealed findings of multiple buffer overflows, software updates without authentication, and inadequate randomization of the ballots so that valid secrecy can be compromised -- among other vulnerabilities. It also lead to even more testing of election system devices in other states.

System 52

System Open Source Security Mobile 52

ForAllSecure

OCTOBER 29, 2020

Vamosi: Bowen’s public inquiry revealed findings of multiple buffer overflows, software updates without authentication, and inadequate randomization of the ballots so that valid secrecy can be compromised -- among other vulnerabilities. It also lead to even more testing of election system devices in other states.

System 52

System Open Source Security Mobile 52

ForAllSecure

DECEMBER 17, 2021

As I produce this episode, there's a dangerous new vulnerability known informally as Log4Shell, it’s a flaw in an open source Java logging library developed by the Apache Foundation and, in the hands of a malicious actor, could allow for remote code injection. Vamosi: The idea behind Open Source is great.

Open Source 52

Open Source Software Software Applications 52

ForAllSecure

OCTOBER 20, 2020

Vamosi: Bowen’s public inquiry revealed findings of multiple buffer overflows, software updates without authentication, and inadequate randomization of the ballots so that valid secrecy can be compromised -- among other vulnerabilities. It also lead to even more testing of election system devices in other states.

System 40

System Open Source Security Mobile 40

ForAllSecure

MARCH 30, 2022

Their Operating System type was set to windows. The WA agent is an open source software hosted on GitHub. After accessing that URL an authentication prompt popped up requesting for a certification certificate, meaning this is one of the doors we were looking for. Vamosi: They noticed another interesting thing here.

Firewall 52

Firewall Virtualization Authentication Linux 52

ForAllSecure

APRIL 22, 2021

In 2013, researcher Nitesh Dhanjani found that a popular brand used simple MD5 hashes of the device's MAC addresses for authentication. Problem is, MAC addresses are not great for authentication. It seemed that once you authenticated through the local network, the app maintain that access, even if you are halfway across the world.

Internet 52

Internet Research Security Tools 52

ForAllSecure

APRIL 22, 2021

In 2013, researcher Nitesh Dhanjani found that a popular brand used simple MD5 hashes of the device's MAC addresses for authentication. Problem is, MAC addresses are not great for authentication. It seemed that once you authenticated through the local network, the app maintain that access, even if you are halfway across the world.

Internet 52

Internet Research Security Tools 52

Scott Lowe

MARCH 1, 2019

VyOS is an open source Linux-based network operating system.). Part 1 covers auto-unsealing Vault ; part 2 covers authenticating to Vault using instance metadata ; and part 3 discusses authenticating to Vault using an IAM user or role. Operating Systems/Applications. Go check out part 2.

Authentication 60

Authentication Operating Systems Network Open Source 60

Scott Lowe

APRIL 19, 2019

This article discusses four open source secrets management tools. Many organizations prefer to use two-factor authentication (2FA) to help protect their systems. ” Operating Systems/Applications. Sysdig explains PSPs, and talks about kube-psp-advisor , a tool to help simplify deploying PSPs.

Open Source 60

Open Source Tools Cloud Vmware 60

ForAllSecure

DECEMBER 2, 2021

You’ll want someone with years of pen testing experience, some one who knows the operating system like no other. So in general, an operating system that eventually allows you to gain more information about the context within which attack was made. Maybe your first concern is to make sure the company is functional.

Examples 52

Examples Operating Systems Course System 52