4 mars 2024

Azure Spring Clean 2024 | Azure Pentesting Introduction 2024

Hi!

Today, I had the pleasure of being a speaker for the 2024 edition of Azure Spring Clean. You can find my presentation below.

Maxime.

23 janvier 202423 janvier 2024

Podcast | Kubernetes Security with Imad Bensisaid

Hi,

I’m thrilled to share an insightful French webinar discussion on Kubernetes Security, featuring an expert in the field, Imad Bensisaid for the UNi5 youtube channel. Together, we explore various aspects of securing Kubernetes environments, ranging from basic attacks to advanced strategies, and delve into best practices for developers to safeguard against malicious code injection through external libraries.

Kubernetes Basic Attacks

Understanding common attack vectors.
Identifying vulnerabilities in default configurations.

Advanced Kubernetes Attacks

Exploring sophisticated attack techniques.
Mitigating advanced threats and securing the cluster.

Security Best Practices for Developers

Preventing malicious code injection.
Recommended code analysis tools.
Managing malicious developers: Strategies and procedures.

Static Code Analysis

Implementing code scanning for early detection.
Analyzing code libraries for potential vulnerabilities.

Container Image Management

Keeping container images up-to-date.
CI/CD pipeline with automated code scanning and vulnerability detection.

Image Lifecycle Management

Best practices for handling container images.
Recommended scanners for image protection and analysis.

Build Pack Hardening

Strengthening container images for security.

Real-time Detection Tools

Aqua, Twistlock, Falco, and their roles in real-time detection and behavior analysis.

Infrastructure Design for Security

Adopting a secure mindset for infrastructure design.
Managing rights and network configurations.

Deployment Strategies

Leveraging infrastructure as code.
Deploying exclusively through pipelines.

Azure Security Tools

Utilizing Azure policies for enhanced security.
Leveraging Microsoft Defender for Cloud.

Watch the Webinar:

In this webinar, Imad and I share practical insights and actionable strategies to enhance Kubernetes security. Whether you are a developer, IT professional, or someone interested in bolstering their Kubernetes knowledge, this discussion provides valuable insights into securing your containerized environments.

Stay secure,

Maxime.

2 janvier 2024

Happy New Year 2024!

Greetings and Happy New Year!

As we step into the promising horizon of a new year, I extend my warmest wishes to you and your loved ones. May the coming months be filled with joy, prosperity, and countless memorable moments.

In 2024, my commitment to sharing valuable insights and knowledge remains steadfast. I am thrilled to embark on another year of writing engaging articles and blog posts, focusing on key topics such as:

Azure Platform Security
Azure Pentesting
Kubernetes Security (AKS)
Azure Defender (CSPM) / (DSPM)

I absolutely love giving talks, sharing thoughts and having a good conversation with a group of like-minded people. If you’re interested let me know! For those curious about my upcoming speaking engagements in 2024, please find the details: speaking engagements for 2024.

Wishing you all the best in the coming year, and I genuinely hope to meet you in person at one of the events. Let’s make 2024 a year of shared knowledge, growth, and collaborative learning.

Maxime.