My take on GKE auto-pilot mode

Posted on 2021-10-17 in Programmation • Tagged with security, gcp, gke, kubernetes

I recently switched from a standard GKE cluster where I had to manage nodes to an autopilot one where Google does it for me. I must say the switch was easy to do (despite an interruption of our services) and greatly simplified the management of the cluster.

I noticed this …

Continue reading

Small security checklist for public backend services

Posted on 2021-09-19 in Trucs et astuces • Tagged with security

Here are some security tips to check for backend services. It's mostly meant so that I can have a check list. So I don't develop them much but provide extra links where necessary. I also probably expand this list as time goes one and I learn more about this subject …

Continue reading

Can we clean password from PHP memory?

Posted on 2017-11-26 in Programmation • Tagged with php, Docker, security

At work in a PHP application, we rely on libsodium to erase a password from $_POST. It may sound like a good idea: once the password is not in memory any more, it can't leak. But the question is: is it really erased from memory? That's the question will answer …

Continue reading