The Penwins Crew website

The Logging Paradox Remember when I talked about Logging & Auditing as one of the 10 critical domains for K8s security? Well, here’s the thing nobody tells you: having logs is great, but having too many logs is almost as useless as having none. Picture this: you’re paying for a Splunk license 💸 (or your preferred log aggregation tool), and every day you’re shipping 600MB of control plane noise per node. Most of it? INFO-level messages about lease renewals and cache syncs that nobody will ever read. It’s like buying the latest iPhone and using it exclusively as a flashlight 🔦. ...

The Boogeyman Under the Bed Let’s be honest: Kubernetes security is that thing everyone knows they should care about but nobody wants to touch. It’s like flossing – we all know it’s important, but somehow we keep pushing it to next quarter. I recently had to pitch a comprehensive K8s security strategy to management, and spoiler alert: they actually liked it. Here’s the story of how I went from “Kubernetes what?” to “here’s our end-to-end security framework” without boring everyone to death (including myself). ...

These days I’m called sometimes Identity expert, sometimes “SME” (subject matter expert). But I still consider myself a classic sysadmin. I usually find it funny people who use the “expert” term so liberally, especially wide topics Networking, Infrastructure, Devops or the hot topic these days: AI. After more than 20 years of career I hardly feel myself expert on anything and I still consider that dedicated time, focus time, is a must to become an expert in something in particular. There would be lucky people who have been supported enough at work to develop their expertise in something in particular, but those like me who had to adapt their focus time based on business needs, hardly can focus more than 2/3 years in something in particular. ...

Welcome to Penwins! So you’re probably wondering: why penguins? Well, we’re three friends and former Linux sysadmins who’ve been securing (and occasionally breaking) cloud infrastructure for years. After countless late-night debugging sessions, cryptic error messages, and that one time we accidentally locked ourselves out of production (don’t ask), we figured we should write this stuff down. What You’ll Find Here What our bosses want us to talk about: Kubernetes Security: Best practices, network policies, RBAC configurations OpenStack Security: Securing private cloud deployments AWS & Azure: Cloud-native security implementations Identity Management: EntraID, LDAP, and IAM strategies Infrastructure as Code: Terraform, security scanning, and automation But this isn’t your typical “10 Best Practices” blog. We’re here to share: ...