Category: Cybersecurity

Secure Container Signing with Cosign and PKCS#11

Over the past few years container adoption has grown rapidly. With it has grown the need to sign container images to help prevent supply chain attacks. The standards and tools to sign images have evolved over the years, and can still be a bit tricky to navigate for those new to container signing. This post will provide a brief background on some of the tools and standards, the pros and cons of each, and some best practices to follow when signing in your environment.

Read More »

Key-Based Authentication: Using Cryptographic Controls To Manage Access To Enterprise Resources

Enterprises have a wide array of resources to protect: file shares, email servers, production systems, databases, source code repositories, DevOps tools, and more. If key-based authentication is enforced for all of these different resources, and the keys are secured in a centrally-managed KMS or HSM, the enterprise can easily enforce granular controls, monitor access to resources, audit key usage, and restrict access as required. Learn more in this post.

Read More »

A Novel Approach To Privileged Access Management

All too often, enterprises take a piecemeal approach to PAM. Some elements of PAM may be properly secured (e.g., SSH), while all the other methods used to access privileged resources are overlooked. This blog post discusses a new approach to improving PAM across the board.

Read More »