Shodan
Search Engine for the Internet of Everything Shodan is the world's first search engine for Internet-connected devices. Discover how Internet intelligence can help you make better decisions. Sign Up Now Beyondthe Web Websites are just one part of the Internet. Use Shodan to discover everything from power plants, mobile phones, refrigerators and Minecraft servers. MonitorNetwork Exposure Keep track
æ‚©ã¿ã«æ‚©ã‚“ã Kubernetes Secrets ã®ç®¡ç†æ–¹æ³•ã€External Secrets ã‚’é¸ã‚“ã ç†ç”± | PLAID engineer blog
æ‚©ã¿ã«æ‚©ã‚“ã Kubernetes Secrets ã®ç®¡ç†æ–¹æ³•ã€External Secrets ã‚’é¸ã‚“ã ç†ç”±#ops#Kubernetes#k8s#gitops#secret
bcbf60b0c0d1
AWS Secrets Manager vs. Hashicorp Vault vs. AWS Parameter Store by@nimboya Too Long; Didn't ReadAs you move faster and faster with your DevOps practice, there is a piece of the puzzle that seems to be a little snag. That snag can cost you a whole lot, in terms of system security, management and updates. Application Parameters/Configurations; these guys practically determine how our applications ru
kube-psp-advisorã§Kubernetes Pod Securityを有効ã«ã™ã‚‹
本文ã®å†…容ã¯ã€2019å¹´2月6æ—¥ã«Sysdigã®Kaizhe HuangãŒæŠ•ç¨¿ã—ãŸãƒ–ãƒã‚°(https://sysdig.com/blog/enable-kubernetes-pod-security-policy/)ã‚’å…ƒã«æ—¥æœ¬èªžã«ç¿»è¨³ãƒ»å†æ§‹æˆã—ãŸå†…容ã¨ãªã£ã¦ãŠã‚Šã¾ã™ã€‚ Kubernetes Podã‚»ã‚ュリティãƒãƒªã‚·ãƒ¼ã¯ã€Kubernetesã§æœ€é«˜ã®ã‚»ã‚ュリティ対ç–を実施ã™ã‚‹ãŸã‚ã®ãƒ¡ã‚«ãƒ‹ã‚ºãƒ ã§ã™ã€‚ ã“ã®ãƒãƒ¥ãƒ¼ãƒˆãƒªã‚¢ãƒ«ã§ã¯ã€kube-psp-advisorを使用ã—ã¦ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼å…¨ä½“ã§Kubernetes Podã‚»ã‚ュリティãƒãƒªã‚·ãƒ¼ã‚’有効ã«ã—ã€é‹ç”¨ä¸ã®Kubernetesã«é©å¿œåž‹ã®ãã‚ç´°ã‹ã„ã‚»ã‚ュリティãƒãƒªã‚·ãƒ¼ã‚’構築ã™ã‚‹ã¨ã„ã†å®Ÿéš›çš„ãªèª²é¡Œã«å¯¾å‡¦ã™ã‚‹æ–¹æ³•ã‚’説明ã—ã¾ã™ã€‚ 例)Kubernetes Pod Security ãƒãƒªã‚·ãƒ¼ã¨ã¯ï¼Ÿ Kubernetesãƒãƒƒãƒ‰ã‚»ã‚ュリティãƒãƒªã‚·ãƒ¼ã¯ã€Kuberne
KubeCon å ±å‘Šï¼šã‚³ãƒ³ãƒ†ãƒŠãƒ©ãƒ³ã‚¿ã‚¤ãƒ ã‚„Firecrackerã®è©±é¡Œã²ã¨ã¨ãŠã‚ŠæŒ¯ã‚Šè¿”ã£ã¦ã¿ã‚ˆã†
Docker Meetup Tokyo #27ã§ã®ç™ºè¡¨è³‡æ–™ã§ã™ã€‚ KubeCon+CloudNativeCon 2018 NAã§æŒ™ãŒã£ãŸã‚³ãƒ³ãƒ†ãƒŠãƒ©ãƒ³ã‚¿ã‚¤ãƒ ãŠã‚ˆã³Firecrackerã«é–¢ã™ã‚‹è©±é¡Œã‚’網羅的ã«æŒ¯ã‚Šè¿”ã‚Šã¾ã—ãŸã€‚ コンテナランタイムã¯ä»Šã€ç¾¤é›„å‰²æ‹ ã®æ§˜ç›¸ã‚’呈ã—盛り上ãŒã‚Šã‚’見ã›ã¦ã„ã¾ã™ã€‚ KubeConã«ãŠã„ã¦ã‚‚コンテナランタイムã®è©±é¡Œã‚’å–り扱ã†ã‚»ãƒƒã‚·ãƒ§ãƒ³ã¯å¤šã開催ã•ã‚Œã¾ã—ãŸã€‚ ãれらセッションã§ã¯ä¸»ã«ä»¥ä¸‹ã®ã‚ˆã†ãªè©±é¡ŒãŒæŒ™ãŒã£ã¦ã„ã¾ã—ãŸã€‚ ・コンテナランタイムã®æ´å²ã‚„標準 ・Kubernetesã®ã‚»ã‚ュリティã¨ã‚³ãƒ³ãƒ†ãƒŠãƒ©ãƒ³ã‚¿ã‚¤ãƒ ・2018å¹´ã«è©±é¡Œã«ãªã£ãŸã‚³ãƒ³ãƒ†ãƒŠãƒ©ãƒ³ã‚¿ã‚¤ãƒ ã®ç´¹ä»‹ 本発表ã§ã¯ã€ãれらセッションやã€å ´å¤–ã§é–‹å‚¬ã•ã‚ŒãŸFirecrackerメンテナã¨containerdメンテナã«ã‚ˆã‚‹ã‚¤ãƒ³ãƒ†ã‚°ãƒ¬ãƒ¼ã‚·ãƒ§ãƒ³ã«é–¢ã™ã‚‹ãƒŸãƒ¼ãƒ†ã‚£ãƒ³ã‚°ã®æ§˜åãªã©ã‚’å–り扱ã„ã¾ã—ãŸã€‚ å„スライドã«ã€å¯¾å¿œã™ã‚‹Ku
Sustainable Kubernetes
KubernetesクラスタをæŒç¶šå¯èƒ½ã«ã™ã‚‹ãŸã‚ã«ã€ã„ã¾ã‹ã‚‰ã§ãã‚‹ã“ã¨ã€‚ Sustainable Kubernetes = Baseline Kubernetes + Continuous Security + GitOps builderscon 2018ã®ç™»å£‡è³‡æ–™ã§ã™ã€‚ https:/…
PostgreSQL Security. How Do We Think? at PGCon 2017
PGCon 2017 presentation material. "PostgreSQL Security How Do We Think?" https://www.pgcon.org/2017/schedule/events/1070.en.html In this presentation, I will talk about the following two topics. * Considerations for securing a database system. * Current status of database audit on PostgreSQL Read less
監査è¦ä»¶ã‚’有ã™ã‚‹ã‚·ã‚¹ãƒ†ãƒ ã«å¯¾ã™ã‚‹ PostgreSQL å°Žå…¥ã®èª²é¡Œã¨å¯èƒ½æ€§
5. 5Copyright©2015 NTT corp. All Rights Reserved. DB管ç†è€…ãŒç–‘ã‚ã‚Œã¦ã—ã¾ã†ï¼ï¼Ÿ 示唆ã—ãŸã€‚ã¾ãŸæƒ…å ±ã«å¯¾ã™ã‚‹ä¾µå®³ã‚’分類ã—ã€æ¼ãˆã„(機密性)ã€ç ´å£Šï¼ˆå¯ç”¨æ€§ï¼‰ã€æ”¹ã–ん(完 全性)ã«ã¤ã„ã¦ãã‚Œãžã‚Œè³ªå•ã—ã€åŠ ãˆã¦ãƒ‘スワードã®æ¼ãˆã„ã«ã¤ã„ã¦ã‚‚質å•ã—ãŸãŒã€çµæžœ ã¯ã»ã¼åŒã˜å‚¾å‘を示ã—ãŸã€‚ Q: å°†æ¥ã€ãƒ‡ãƒ¼ã‚¿ãƒ™ãƒ¼ã‚¹ã«æ ¼ç´ã•ã‚Œã¦ã„ã‚‹æƒ…å ±ã‚’ã“ã£ãり売å´ã™ã‚‹ã‹ã‚‚知れãªã„。(図 3-20) ãã†æ€ã† 3.6% ã‚„ã‚„ãã†æ€ã† 7.1% ã©ã¡ã‚‰ã¨ã‚‚ã„ ãˆãªã„ 13.4% ã‚ã¾ã‚Šãã†æ€ ã‚ãªã„ 10.4% ãã†æ€ã‚ãªã„ 65.5% 引用元:DBSC 「DBA 1,000 人ã«èžãã¾ã—ãŸã€ã‚¢ãƒ³ã‚±ãƒ¼ãƒˆèª¿æŸ»å ±å‘Šæ›¸ http://www.db-security.org/report/dbsc_dba_ver1.0.pdf ç´„1割ã®DB管ç†è€…ãŒDBã« æ ¼ç´ã•ã‚Œã¦ã„ã‚‹æƒ…å ±ã‚’å£² å´ã™
5分ã§ã‚ã‹ã‚‹ Perl and web security
yapcjapan2016_lt.md 5分ã§ã‚ã‹ã‚‹ Perl and web security ma.la CSRFã¨ã‹XSSã¨ã‹ CSRF: フレームワークã®æ©Ÿèƒ½ä½¿ã£ã¦ä¸‹ã•ã„ XSS: Xslateã¨ã‹è‡ªå‹•ã‚¨ã‚¹ã‚±ãƒ¼ãƒ—ã—ã¦ä¸‹ã•ã„ã€jsã®å‹•çš„生æˆã¯ã™ã‚‹ãª 終ã‚ã‚Š 本題 YAPCãªã®ã§Perl固有ã®å•é¡Œã«ã¤ã„ã¦è§£èª¬ã—ã¾ã™ã€‚ Webアプリケーションã®ä¸€èˆ¬çš„ãªæµã‚Œ パラメータå—ã‘å–ã‚‹(フォームã¨ã‹JSONã¨ã‹) 何らã‹ã®å‡¦ç†ã‚’ã™ã‚‹ レスãƒãƒ³ã‚¹ã‚’è¿”ã™(HTMLã¨ã‹JSONã¨ã‹) フォームやJSONを安全ã«å—ã‘å–ã‚‹ã«ã¯ paramã¯scalarã§å—ã‘å–ã‚Šã¾ã—ょㆠWhy $params = { name => $r->param("name"), value => $r->param("value"), } ã“れをやる㨠?name=hoge&name=fuga ã§å£Šã›ã‚‹ã€‚ list context
RHEL5/CentOS5ã§GlobalSignã®ãƒ«ãƒ¼ãƒˆè¨¼æ˜Žæ›¸ãŒæœ‰åŠ¹æœŸé™åˆ‡ã‚Œã§å¤§é¨’ãŽ
ã“ã‚“ã«ã¡ã¯ã€‚CTOã®é¦¬å ´ã§ã™ã€‚ 昨晩1/28 21:00JSTã«RHEL5/CentOS5ã«ã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã•ã‚Œã¦ã„るルート証明書ã®ã†ã¡ã€GlobalSignã®æœ‰åŠ¹æœŸé™ãŒåˆ‡ã‚Œã¾ã—ãŸã€‚ ä¼´ã£ã¦REHL5/CentOS5ã‹ã‚‰ã®HTTPS(SSL)接続ã«ã¦GlobalSignã®è¨¼æ˜Žæ›¸ã‚’使ã£ã¦ã„るサイトã¸ã®æŽ¥ç¶šãŒã‚¨ãƒ©ãƒ¼ã«ãªã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚ ç§ã®ç¢ºèªã—ã¦ã„る範囲ã§ã¯ã€ curlコマンドやPHPã®curlライブラリãªã©ã§ã®æŽ¥ç¶šæ™‚ã«æŽ¥ç¶šã‚¨ãƒ©ãƒ¼ã¨ãªã‚‹ã“ã¨ã«èµ·å› ã—ã¦ä»¥ä¸‹ã®ã‚ˆã†ãªå½±éŸ¿ãŒå‡ºã¦ã„ã¾ã™ã€‚ ※接続ã•ã‚Œã‚‹å´ã§ã¯ãªãã¦ã€æŽ¥ç¶šã™ã‚‹å´ã§ã®å•é¡Œã§ã™â€» oauthãªã©ã®å¤–部èªè¨¼ãŒä¸å¯ 決済ãªã©ã®å¤–部連æºãŒä¸å¯ å¯¾ç– RHEL5ã®å ´åˆã€errataãŒå…¬é–‹ã•ã‚Œã¦ã„ã‚‹ã®ã§updateã—ã¾ã—ょã†ã€‚ Red Hat Customer Portal https://rhn.redhat.com/errata/RHEA-201
Symfony2ã§æ¨©é™ã®çµ„ã¿åˆã‚ã›ã‚’満ãŸã™å ´åˆã®ã¿ã‚¢ã‚¯ã‚»ã‚¹ã‚’許å¯ã—ãŸã„ - Do You PHP ã¯ã¦ãƒ–ãƒ
Symfony2ã§ã¯æ¨©é™ã«ã‚ˆã‚‹ã‚¢ã‚¯ã‚»ã‚¹åˆ¶å¾¡ã¯app/config/security.ymlãªã©ã«ã‚ã‚‹"access_control"ã§æŒ‡å®šã—ã¾ã™ãŒã€ç›´ä¸‹ã®rolesã«ã¯è¤‡æ•°ã®æ¨©é™ãŒè¨å®šã§ãã¾ã™ã€‚ security: access_control: - { path: ^/foo/bar/, roles: [ROLE_A, ROLE_B]} ãŸã ã—ã€ã“ã®rolesã£ã¦"ORæ¡ä»¶"ãªã®ã§ã€ä¸Šã®ä¾‹ã®å ´åˆã ã¨ROLE_Aã‹ROLE_Bã‚’æŒã£ã¦ã„ã‚Œã°"/foo/bar/"ã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãã¾ã™ã€‚ ã§ã€rolesã‚’ANDæ¡ä»¶ã«ã™ã‚‹æ–¹æ³•ã¯ãªã„ã‹ã¨ security.ymlã®security.access_control.rolesã«è¤‡æ•°æ›¸ã„ãŸæ™‚ã¯ORæ¡ä»¶ãªã®ã‹ã€‚ANDæ¡ä»¶ã«ãªã‚‰ã‚“ã®ã‹ãª? ã¨ãƒ„イートã—ãŸã¨ã“ã‚ã€id:Fivestarã•ã‚“ã‹ã‚‰ @shimooka ãã—ãŸã‚‰security.access.sim
実ã¯åŽ„介ã€ã‚±ãƒ¼ã‚¿ã‚¤Webã®ã‚»ãƒƒã‚·ãƒ§ãƒ³ç®¡ç†
実ã¯åŽ„介ã€ã‚±ãƒ¼ã‚¿ã‚¤Webã®ã‚»ãƒƒã‚·ãƒ§ãƒ³ç®¡ç†ï¼šå†è€ƒãƒ»ã‚±ãƒ¼ã‚¿ã‚¤Webã®ã‚»ã‚ュリティ(3)(1/3 ページ) “特殊ã â€ã¨å½¢å®¹ã•ã‚Œã‚‹ã“ã¨ã®å¤šã„日本ã®æºå¸¯é›»è©±å‘ã‘Webサイト。ãã“ã«ã¯ã€ã•ã¾ã–ã¾ãªæ€ã„è¾¼ã¿ã‚„性善説ã®ä¸Šã—ã‹æˆã‚Šç«‹ãŸãªã„ã‚»ã‚ュリティãŒæ¨ªè¡Œã—ã¦ã„ã¾ã™ã€‚本連載ã¯ã€ã‚±ãƒ¼ã‚¿ã‚¤Webã®ç‰¹æ®Šæ€§ã‚’ã¦ã„ãã„ã«è§£èª¬ã—ã€æ£ã—ã„ケータイWebã‚»ã‚ュリティã®ã‚ã‚‹ã¹ã姿を考ãˆã¾ã™ï¼ˆç·¨é›†éƒ¨ï¼‰ 「Cookieを使ãˆãªã„端末ã€ã§ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’管ç†ã™ã‚‹æ–¹æ³•ã¯ï¼Ÿ 第2回「間é•ã„ã らã‘ã®ã€Žã‹ã‚“ãŸã‚“ãƒã‚°ã‚¤ãƒ³ã€å®Ÿè£…法ã€ã§ã™ãŒã€å¤šãã®æ–¹ã«èªã‚“ã§ã„ãŸã ãã‚ã‚ŠãŒã¨ã†ã”ã–ã„ã¾ã—ãŸã€‚ 今回ã¯ã€å‰å›žã«å¼•ã続ã架空ã®SNSサイト「グダグダSNSã€ã®ã‚±ãƒ¼ã‚¿ã‚¤å¯¾å¿œã‚’é¡Œæã¨ã—ã¦ã€ã‚±ãƒ¼ã‚¿ã‚¤Webã®ã‚»ãƒƒã‚·ãƒ§ãƒ³ç®¡ç†ã®å•é¡Œç‚¹ã«ã¤ã„ã¦èª¬æ˜Žã—ã¾ã™ã€‚æºå¸¯é›»è©±å‘ã‘Webアプリケーション(ケータイWeb)ã®ã‚»ãƒƒã‚·ãƒ§ãƒ³ç®¡ç†ã¯ã€ã‹ã‚“ãŸã‚“ãƒã‚°ã‚¤ãƒ³ã‚ˆã‚Šã‚‚対ç–ãŒé›£ã—ãã€åŽ„介ãªå•
ランã‚ング
ランã‚ング
ランã‚ング
リリースã€éšœå®³æƒ…å ±ãªã©ã®ã‚µãƒ¼ãƒ“スã®ãŠçŸ¥ã‚‰ã›
最新ã®äººæ°—エントリーã®é…ä¿¡
j次ã®ãƒ–ックマーク
kå‰ã®ãƒ–ックマーク
lã‚ã¨ã§èªã‚€
eコメント一覧を開ã
oページを開ã
Berkeley Packet Filter(BPF)入門 - ï¼ IT
Understanding the Kubernetes Attack Surface
GitHub - kyverno/kyverno: Cloud Native Policy Management
Starboard: The Kubernetes-Native Toolkit for Unifying Security
https://netdevconf.org/1.2/papers/ktls.pdf
WES7ã§Windows 7ã®æ–°æ©Ÿèƒ½ã€ŒAppLockerã€ã‚’使ã†ï¼
http://kb2.adobe.com/cps/191/tn_19166.html
Burp Suite - Application Security Testing Software
{{#tags}}- {{label}}
{{/tags}}