0 views collected around this technical thread.
The article explains how to enable Kubernetes audit logging and use its detailed fields—such as userAgent, responseStatus, requestURI, and object references—to detect CDK‑generated attacks and other threats like CVE‑2022‑3172, privilege escalation, and backdoor deployment, offering practical detection examples and security recommendations.
This article presents a comprehensive design of a real‑time security monitoring and alert platform, detailing challenges in high‑concurrency risk control, an architecture that replaces OLAP polling with scalable compute services, event‑time processing, dynamic thresholding using fbprophet, and practical optimizations with Redis and ClickHouse.
This article introduces GSIL, a near‑real‑time GitHub sensitive‑information‑leakage monitoring tool, and provides step‑by‑step instructions for installing the Python package, configuring email and GitHub token settings, defining scanning rules, and scheduling automated scans and reports via cron.