Rory McCune

One of the questions that I’ve been asked on multiple occasions when presenting on Kubernetes security [1] is: “Which distribution should I install?” There are a bewildering number of options for deploying Kubernetes, with over 60 commercial products or open source projects providing methods of deploying it. Making an informed…

The Center for Internet Security (CIS) has recently released a new benchmark standard for Kubernetes deployments, providing a vendor-neutral benchmark to help companies assess against good security practices. Kubernetes is a key player in the containerisation technology market, seeking to help developers and IT staff effectively manage large fleets of…

This is just a short blog post to announce the availability of the new CIS Security Standard for Docker 1.12 which NCC Group was involved in co-authoring and contributing to. The Docker project (and containerisation as a concept in general) has become a hot topic in various aspects of IT…