In a Kubernetes cluster, certificates are crucial for securing communication between various components. For example, a Kube API server certificate secures communication between the Kubernetes API server and other components. It is used for authenticating and authorizing API requests. This article will help you to validate your private key and certificate. Sometimes, we would miss […]
Security
kubernetes traefik – Managing TLS Certificates – Part 4
How to configure HTTPS for your applications on the Kubernetes cluster? How to manage TLS certificates using traefik? Traefik proxy is a very popular ingress controller in kubernetes environments. It supports both HTTPS (router) and TLS connections. This article explains how to configure TLS connection and obtain TLS certificates dynamically using pebble (Only for the […]
The Importance of Email Encryption for Your Business
Email encryption encrypts data sent and received by the user and data located on endpoints and servers. We know that email is the most commonly used way for businesses to communicate externally with customers and suppliers. Hundreds of millions of emails are sent on a daily basis as we send contracts, invoices, and critical business […]
Meltdown and Spectre Vulnerabilities – Big Threats
Meltdown and Spectre Vulnerabilities have made 80% of servers as Vulnerable in overnight, thanks to Google Project Zero team and other security researchers who have brought such a worst vulnerabilities to the world (At least now). Meltdown vulnerability basically melts security boundaries which are normally enforced by the hardware (CPU). Spectre name is based on the root cause, “speculative […]
Find Last Patched date on Oracle Solaris
Sometimes, we might need to find the last patched date on Solaris server for PCI compliance requirement. Many organizations are started using the configuration management tools to capture last patched date or maintenance date. But in a legacy environment, we might need to do the reverse engineering to identify last patched date for the server. Let’s […]
Shellshock bug – vulnerability on Bash shell
Millions of computers are using bash shell (command interpreter ). New security flaw has been found on bash(Bash Code Injection Vulnerability (CVE-2014-6271) and it allows attackers can take the system control remotely. Heartbleed wave was just over on last april (Openssl vulnerability ).Is Shell-shock hurts more than Heartbleed ? Off-course Yes. Heartbleed was all about sniffing the system […]
How to reduce the Security risk in Solaris ? – Generic OS Hardening steps
Is your Solaris environment is secure enough ? How can we tighten the system security ? Here we will see some basic Hardening steps for Solaris OS.Every organization should maintain hardening checklists of each operating systems which they are using it.Before server is bringing to operation/production, hardening check list needs to be verified by support […]