I had the privilege of talking about what you can do to improve your Azure account security and the security posture of your workloads running on Azure, as part of Microsoft For Startups' Highway to a 100 Unicorns - Scale Up Thursdays webinar series. You can catch the video on demand by registering over at https://aka.ms/secgen. The slides are available on SpeakerDeck as well as in my Talks section.
I recently published a couple of articles elsewhere:
How to Increase Container Security and Ward Off Threats - Adobe Tech Blog
5 OpenSource tools for container security - OpenSource.com
Scanning Docker Images for Vulnerabilities with Aqua Microscanner - previously, on my blog
Do give them a read.
Containers are slowly becoming the standardized units of deployment. As containers become more popular, they also become targets for attacks on the system through vulnerabilities present in the packages within the image. There are quite a few container vulnerability scanning solutions (for example Clair, Twistlock (now Prisma Cloud), and Aqua); however, most of them are either commercial or require an elaborate setup, which makes it difficult for individual developers to include them in the container build process.
I first spent weeks arguing on a bugzilla that the security policy of requiring the root password for changing the timezone and adding a new wireless network was moronic and wrong. I think the wireless network thing finally did get fixed, but the timezone never did - it still asks for the admin password. So here’s a plea: if you have anything to do with security in a distro, and think that my kids (replace “my kids” with “sales people on the road” if you think your main customers are businesses) need to have the root password to access some wireless network, or to be able to print out a paper, or to change the date-and-time settings, please just kill yourself now.