$ grep -r "security" ~/blog/*

Security

4 articles tagged with Security

January 21, 202610 min read

Kubernetes Security Auditing: From kube-bench Findings to Pod Security Standards

Running a security audit on my Kubernetes cluster revealed some uncomfortable truths. Here is what I learned about CIS Benchmarks, Pod Security Standards, and why your kubeconfig is probably world-readable too.

kubernetessecuritykube-benchpsscis-benchmarkdevops

kubectl TLS authentication handshake with mutual certificate verification

December 11, 202512 min read

Kubernetes Authentication: The Certificate Dance Behind kubectl

How I learned that every kubectl command involves a sophisticated cryptographic handshake (and why that's actually pretty cool)

kubernetescertificatesauthenticationtlssecurity

Kubeseal encryption and decryption workflow in a GitOps pipeline

November 30, 20258 min read

Kubeseal: How I Stopped Losing Sleep Over Secrets in Git

My journey from "surely I can just base64 encode it" to actually securing Kubernetes secrets in a GitOps workflow - complete with the paranoia that keeps me backing up keys.

kubernetessecuritygitopsdevopsargocd

Tailscale mesh network topology with direct connections and relay fallback

January 15, 20259 min read

How Tailscale Gets Devices Talking to Each Other (Without a Central VPN Middleman)

I went down the rabbit hole of understanding how Tailscale actually works—from WireGuard protocol magic to NAT traversal wizardry to making your Kubernetes cluster talk over encrypted tunnels

networkingsecuritykubernetesinfrastructurevpn