Security

Update (January 2026): Since this post was originally written, Gmail and Yahoo’s DMARC requirements have moved from warning to full enforcement. As of November 2025, Gmail actively rejects non-compliant emails from bulk senders. Microsoft also joined in May 2025, requiring DMARC for senders of 5,000+ daily emails to Outlook.com, Hotmail, and Live.com. If you haven’t set up DMARC yet, now is the time - your emails may already be getting rejected. ...

I previously blogged about Starboard and How to Install and Use Starboard to Protect Your Kubernetes Cluster. These articles were focused more on vulnerability and configuration management. Now, I wanted to focus my attention on runtime security observability using Tetragon. Getting Started With Tetragon The first step is to install it. The Tetragon website recommends using Helm 3 to deploy it so that’s what we’ll do. I’m deploying with just the default values for now ...

In previous posts,How to Install and Use Starboard to Protect Your Kubernetes Cluster and Enhancing Kubernetes Security and Compliance with Starboard Audit Reports: A Practical Guide, I started working through the different security reports available from the Starboard security scanner. The next step is to begin reviewing starboard Infrastructure Scans for security insights. Getting an Infrastructure Report After installing Starboard, I waited for it to run and generate all kinds of reports. My previous posts above worked through the vulnerability and audit reports generated by Starboard. With my deployments within Kubernetes secure, I wanted to now focus on the underlying infrastructure. The infrastructure scans run against the nodes in the cluster. You can access a summary by issuing the following command: ...

In my How to Install and Use Starboard to Protect Your Kubernetes Cluster post, I first installed Starboard and reviewed a vulnerability scan report. After reviewing the results, I then tried to action some of the vulnerabilities in my MySQL deployment. In addition to vulnerability scans, Starboard can also conduct configuration audits of your Kubernetes deployment. I wanted to review those next and walk through a Kubernetes audit report action plan. In working through an action plan, you should first address any CRITICAL results. After mitigating those, you would want to work through the HIGH and so forth. ...

In my Securing Your CI/CD Pipeline: A Beginner’s Guide to Implementing Essential Security Measures post, I started to tinker with SecOps a little with Terrascan. I also stumbled upon another tool called Starboard from Aqua security. In this post, I’m going to focus on using Starboard installation and usage as a Kubernetes Operator to see how it works. Getting Started The installation of Starboard seems pretty easy as you can either use kubectl or helm. I decided to go the helm route for my installation. ...