Most Important Security Practices

  • Remove all passwords, keys etc from code and use vaults/jks etc for storing them securely
  • Review all exposed APIs in terms of sanitising input params, build rate controls, authentication, and source whitelisting
  • Build DDoS protection by reviewing perimeter architecture, implementing a WAF, put request rate limits at load balancer
  • Keep reviewing all security groups, firewall rules, patch any system with vulnerable components
  • Start secure code reviews for all releases and review input sanitisation, query parameterisation and other OWASP items.

Comments

Post a Comment

Popular posts from this blog

[Solved] Gitlab remote: ERROR: Your SSH key has expired.

  Error:- We have been using Gitlab and recently I got the following error while pushing my change to the Gitlab Repository remote: remote: ======================================================================== remote: remote: ERROR: Your SSH key has expired. remote: remote: ======================================================================== remote: fatal: Could not read from remote repository. Cause:- The reason for this failure was that i created a ssh key about a year ago and gitlab by default puts a security policy that your ssh key will get expire after 1 year. This is something built in to improve security in Gitlab now because that timeperiod has elapsed of 1 year thats why it gives that error of ssh key has expired.
Read more

[Resolved] groupVersion shouldn't be empty

  Issue:-  When creating the simple resource like pod, replicaset, deployments etc got a groupVersion error specified below.  Error:-   groupVersion shouldn't be empty Effect:- Not able to create the resource because of the above error apiversion: v1 kind: Pod metadata: name: pod2 spec: containers: - name: c1 image: nginx Resolution:- If you look at the above configuration precisely you will find the  apiversion   has been specified incorrectly. It should have been  apiVersion   k.So just a difference of block letter can make that error. The same error will occur even if you forgot to mention the apiVersion in the configuration or it is misspelled. Below configuration will work fine. apiVersion: v1 kind: Pod metadata: name: pod2 spec: containers: - name: c1 image: nginx   Explanation:- apiVersion is hardcoded in the kubernetes. So if you misspell it, not use it or make a e...
Read more

[Solved] Fingerprint sha256 has already been taken

  ISSUE:- While cloning the repository from the Gitlab the following error occurs Error:- The form contains the following error: Fingerprint sha256 has already been taken Cause:- The issue was occuring because i have already added the key of my laptop to the company's gitlab account. And than when i created my own personal gitlab account and tried to clone the repository it complains that the key is already been taken
Read more