Avatar photo
By: Glen Kosaka

December 12, 2021 1:29 pm

5,526 views

Critical Vulnerability in Apache Log4j 2 (CVE-2021-44228)

A critical, high severity vulnerability (CVSS v3.0 10/10 rating) in the Apache Log4j open source Java logging library was disclosed Thursday, December 9 on the foundation’s github page. On Wednesday, Dec 15 a new vulnerability CVE-2021-45046 was published and patched, according to this article. This was the result of an incomplete initial patch […]

Read More


Avatar photo
By: Glen Kosaka

March 12, 2019 11:28 am

5,030 views

Container Segmentation Strategies and Patterns

At a recent container security conference the topic of ‘container segmentation patterns’ came up, and it became clear that many security architects are wrestling with how to best segment workload communication in the dynamic environment of containers. The question was also raised “Is the DMZ dead?” The concept of network segmentation has […]

Read More


Avatar photo
By: Glen Kosaka

September 13, 2018 11:52 am

11,094 views

How Kubernetes Networking Works – Under the Hood

  By Tobias Gurtzick Kubernetes networking is a complex topic, if not even the most complicated topic. This post will give you insight on how kubernetes actually creates networks and also how to setup a network for a kubernetes cluster yourself. This article doesn’t cover how to setup a kubernetes cluster itself, you […]

Read More


Avatar photo
By: Glen Kosaka

April 18, 2018 12:17 pm

4,898 views

How Kubernetes Networking Works – The Basics

Kubernetes 101 Before I get into Kubernetes networking, here are the basic concepts to know about in Kubernetes. For those not familiar with Kubernetes, these are the objects and terms used in a Kubernetes deployment. Kubernetes is a container orchestration and management tool for automating the deployment and monitoring of containers. Kubernetes is supported by […]

Read More


Avatar photo
By: Glen Kosaka

March 22, 2018 12:28 pm

2,369 views

Kubernetes System Security – Protecting Against Kubelet Exploits

By Andson Tung As critical as it is to protect application containers deployed by Kubernetes, it is just as critical to protect the Kubernetes system containers from attacks or from being used in an attack. In this post I’ll focus on one important Kubernetes security area – protecting the Kubelet, which manages the pods […]

Read More


Avatar photo
By: Neuvector

January 5, 2017 3:01 pm

6,063 views

How Docker Swarm Container Networking Works – Under the Hood

By Gary Duan, CTO, NeuVector Docker 1.12 is a release loaded with a lot of great features. With built-in orchestration and by removing dependencies on the external KV store, Docker Swarm allows DevOps to quickly deploy a multi-host docker cluster that “just works.” Although not without controversies, when compared to Kubernetes, Docker […]

Read More


Avatar photo
By: Neuvector

October 4, 2016 3:09 pm

5,480 views

Securing East-West Traffic in a Container-based Data Center

Enterprise applications moving into the cloud, either public or private, is one of the most prominent trends in the tech industry. A lot of attention has been placed on how to setup the data center environment and deploy applications in recent years, but little attention has been paid to securing east-west traffic. As the infrastructure […]

Read More