Greg Castle

@mrgcastle

Security for Google Kubernetes Engine | Former pentester, DFIR and OS X security | he/him

Vrijeme pridruživanja: srpanj 2010.
12 fotografija ili videozapisa Fotografije i videozapisi

Tweetovi

Blokirali ste korisnika/cu @mrgcastle

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @mrgcastle

  1. Prikvačeni tweet
    22. stu 2019.

    Video of my kubecon talk with on breaking node isolation is up! Slides:

    Starting to try and catch up on all the cool talks from Kubecon . This one from and is great. Some neat hacks and lots of info on node security challenges.
    3 proslijeđena tweeta 13 korisnika označava da im se sviđa
    Poništi
  2. 11. sij

    Some great speaking advice here.

    Okay. For every retweet this gets (TO A POINT!) I'll add a thought / tip / observation about speaking at conferences.
    Prikaži ovu nit
    1 reply 2 proslijeđena tweeta 5 korisnika označava da im se sviđa
    Poništi
  3. 11. sij

    Bunch of hardening work complete!

    it's rewarding to look back and see the ongoing improvements in hardening GKE 👩‍💻
    1 reply 1 proslijeđeni tweet 22 korisnika označavaju da im se sviđa
    Poništi
  4. 10. pro 2019.

    A lot to consider when attempting to isolate a compromised workload in . Here we give advice on how to do it on GKE to minimize impact on other workloads using cordon, drain, firewalls, and avoid traps like node auto-repair happening mid-investigation.

    seriously this is a gem, it was a LOT of hard detailed work by and . Save it for later 🔒
    Prikaži ovu nit
    1 proslijeđeni tweet 9 korisnika označava da im se sviđa
    Poništi
  5. 3. pro 2019.

    Thanks so much! It was fun to work on :)

    If you missed and ‘s talk at KubeCon, check it out now. It’s super fun, informative, and well-presented.
    Prikaži ovu nit
    1 reply 3 korisnika označavaju da im se sviđa
    Poništi
  6. 28. stu 2019.

    May the packets flow and the pagers remain silent. Wishing good luck for y'all.

    I don’t know the blessing is for keeping services up on Black Friday through Cyber Monday, but to all my infra friends who have spent months in prep, Godspeed and good luck!
    6 proslijeđenih tweetova 41 korisnik označava da mu se sviđa
    Poništi
  7. 21. stu 2019.

    AMAZING guided hacking workshop by . They presented highly entertaining and educational attack/defence scenarios. Many knowledge bombs dropped in a room full of warm fuzzy hacker vibes. Congrats!

    1 reply 6 proslijeđenih tweetova 19 korisnika označava da im se sviđa
    Poništi
  8. 21. stu 2019.

    It's going to be a completely full house for CTF!

    4 korisnika označavaju da im se sviđa
    Poništi
  9. 20. stu 2019.

    If you're trying to come see talk about API stuff you need to go to the Marriott Marquis next door due to the power outage. Please come!

    Poništi
  10. 20. stu 2019.

    The world needs to know about these puns.

    After "Maximum Uptime", other contendors for a and parkour mashup company in and my talk included: - Ground Antiaffinity - Horizontal and Vertical Scaling - Roll Based Access
    2 proslijeđena tweeta 4 korisnika označavaju da im se sviđa
    Poništi
  11. 20. stu 2019.

    For those wanting to learn more about isolation with gvisor, this is a great intro written for a security audience.

    For all you container security aficionados: Just published gVisor Security Basics - Part 1 by gVisor security lead Jeremiah Spradlin. This post get's super in-depth about the design thinking behind gVisor and container sandboxes.
    5 proslijeđenih tweetova 11 korisnika označava da im se sviđa
    Poništi
  12. 19. stu 2019.

    Just gave a talk on breaking node isolation with at . It was a really fun talk to write! Recordings will take a while so we recorded a quick recap of the main takeaways, see it here: Slides are here:

    This talk by and was so good. 🤩Definitely watch this one when it comes out on video!
    10 proslijeđenih tweetova 22 korisnika označavaju da im se sviđa
    Poništi
  13. 18. stu 2019.

    Updated GKE hardening guide with new security features and new section "secure defaults". Our goal: move as many items to secure defaults as possible. There are also many more secure defaults set behind the scenes that are not in this list.

    9 proslijeđenih tweetova 31 korisnik označava da mu se sviđa
    Poništi
  14. 18. stu 2019.

    After listening to and you probably really want podsecuritypolicy. Come to the sig-auth update with and Mo Khan to talk about where it is at, why it is hard to use, and what the plan is.

    5 proslijeđenih tweetova 17 korisnika označava da im se sviđa
    Poništi
  15. proslijedio/la je Tweet
    15. stu 2019.

    Understanding the importance of container security is no longer isolated to security people. Just in time for your flight to , we've published an ebook on the fundamental concepts of container security, and why they matter to your business:

    81 proslijeđeni tweet 185 korisnika označava da im se sviđa
    Poništi
  16. 13. stu 2019.

    My third year presenting attacks and defences at ! I'm honored to be back and excited about the attack chain and I have cooked up to beat node isolation. Come see us weaponize static pods and replica sets :) add us to your schedule!

    14 proslijeđenih tweetova 38 korisnika označava da im se sviđa
    Poništi
  17. 8. stu 2019.

    I missed this in person, but had a great chat with Jay about k8s security at bluehat later on. Looking forward to watching it!

    '19 talks are up! In my talk, I demo'd hacking the Scott Pilgrim evil exes. Most proud of ex #3: attacking a microservice by MitMing its request to a 2nd microservice. I worked hard on this & hope you enjoy it! !
    2 korisnika označavaju da im se sviđa
    Poništi
  18. 31. lis 2019.

    GKE secrets encryption is now GA! Encrypt your secrets with a key you control in Cloud KMS. But there's more!You can now also attach disks encrypted with keys you manage in Cloud KMS, adding to the hardware level disk encryption that is on by default.

    1 reply 16 proslijeđenih tweetova 47 korisnika označava da im se sviđa
    Poništi
  19. proslijedio/la je Tweet
    10. lis 2019.

    I'm looking forward to giving an update on the State of Security in 2019 with Hoping to make this a tradition :)

    8 proslijeđenih tweetova 28 korisnika označava da im se sviđa
    Poništi
  20. 9. ruj 2019.

    Things that make security people happy: replacing static shared keys with vTPM assertions. Super happy to launch this feature. It's the long-term fix for the escalation attack as described in my kubecon talk, and more.

    Shielded GKE Nodes are now in beta, providing strong, verifiable node identity & integrity to increase the protection of your GKE nodes. Here's how →
    14 proslijeđenih tweetova 45 korisnika označava da im se sviđa
    Poništi

@mrgcastle još nije objavio nijedan Tweet.

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·