Blog
Intro to Keyrings
Oct 12, 2023
This is the third part of the series on securing applications on Linux. The first part was about Linux Seccompand the second part was about Linux Landlock. This third part is about Linux Keyrings.
Read more..Intro to Landlock
Jul 25, 2023
In a previous article we shown up how it is possible to make our applications more secure through the use of seccomp which allows us to restrict the syscalls that a process or a thread can invoke. In this article we will see how to use Landlock LSM to further improve the security of our applications.
Read more..Vault Secrets API
Mar 21, 2023
Remember when we introduced the amazing capabilities of Vault in our previous article? As we mentioned back in the day, Vault comes with a plethora of tools that can leverage and help the developer in hooking and introducing common problem solvers in their software solution.
Read more..Managing Docker registry credentials in production
Feb 21, 2023
When using docker in production eventually the time will come where manually distributing and rotating credentials becomes too cumbersome to deal with. In those situations better alternatives exist.
Read more..Intro to Seccomp!
Jan 17, 2023
Whenever we run a program on our machine, it runs with the same privileges as the user that started it. This is a problem, because it means that if we run a program that has a bug in it, if exploited, that bug can be used to compromise the whole machine. This is why it is important to run programs with the least amount of privileges possible.
Read more..Writing a simple Traceroute in Go
Nov 8, 2022
If your question is why, the answer is quite simple: why not? And by the way, my favorite question is how. So, how does a traceroute program works in general? (We’re considering traceroute in IPv4 networks in this post)
Read more..Introduction to HashiCorp Vault
Aug 25, 2022
In FFWDE, we extensively use HashiCorp’s stack. It’s modular, easy to install, with a moderate learning curve, extensive documentation and community. If offers very interesting and mature solutions, from virtualization to secrets storage.
Read more..Honggfuzz!
Jan 17, 2022
First things first! What is Fuzzing? Well, from 10000 feet we can say: fuzzing is a way to continuously feed random input to a program to catch bugs. We have a program A and a starting input I, which in jargon is called corpus. We now continuously mutate I while feeding it into A. If some piece of code in A is unable to properly handle this input I, it will likely trigger some bug and make A crash.
Read more..