Security | Geko Cloud

Posted 29 May, 2020

Dependency Track: Analyze your vulnerabilities from the use of third-party components

In this post we are going to talk about the OWASP tool called Dependency-Track. To start, a good question is…. What is Dependency-Track? Dependency Track is a vulnerability analysis tool [...]

By Xavi Miranda

In Docker, Nginx, Security

Posted 20 May, 2020

Nginx and Letsencrypt with certbot in docker alpine

UPDATE 31/08/2020 As Nicolas ponted out in the comments, the alpine software repositories already include the certbot package and therefore can be updated directly with apk: apk add certbot [...]

By Marc López

In aws, DevSecOps, Kubernetes, Security

Posted 30 March, 2020

Kubernetes external secrets

In this post we will talk about Kubernetes external secrets. It’s a project developed by the GoDaddy Engeneering Team that allows to use external secrets management systems to securely add [...]

By david

In aws, DevOps, Security

Posted 23 March, 2020

Securing Jenkins access to AWS (part II)

Recommended setup If you followed the steps in my previous post, you have: IAM users than can only assume a role AWS access keys for those users stored in Jenkins (using AWS Credentials plugin) [...]

By david

In aws, DevOps, Security

Posted 27 February, 2020

Securing Jenkins access to AWS (part I)

Jenkins is an open source automation server used to accelerate the software delivery process and has become the de facto DevOps engine, specially for its scripted Jenkinsfile pipelines committed [...]