Our Commitment to Patching

Marc Boorshtein | Compliance, Identity Management, Linux, Open Source, Patching, Security

In the wake of the Equifax breach, we thought it was important to declare how dedicated we are to making sure the latest and patched libraries are in Unison, OpenUnison and MyVirtualDirectory. Security is hard, complex systems are hard and bugs are inevitable. The Struts team gave a great response to Equifax’s declaration that a bug in their software was …

How To Succeed in Identity Management Without Really Trying

Marc Boorshtein | Amazon Web Services, Cloud, Cloud Native, ficam, icam, Identity Management, Implementation Costs, Linux, Open Source, OpenShift, Red Hat, sso, user provisioning

“I do identity management the manual way! If it works and I control it then there I stay!” (The Company Way – How to Succeed in Business Without Really Trying)

When I was a kid my parents took me to see Matthew Broderick in “How to Succeed in Business Without Really Trying”, a show that pokes fun at American corporate …

Automate OpenShift Identity Management and Project Deployment with Unison 1.0.10

Marc Boorshtein | Uncategorized

Today at Red Hat Summit we are releasing Unison and OpenUnison 1.0.10 with exciting features for Red Hat’s OpenShift Container Platform. For this release we have extended both Unison and OpenUnison to allow you to create OpenShift projects from a template, create groups and add those groups to the correct policies. This creates an end-to-end self-service system for creating projects. …

ICAM on a Purchase Card

Marc Boorshtein | Compliance, ficam, icam, Identity Management, Implementation Costs, Open Source, sso, user provisioning

If you’ve done any work for or with the US federal government, you’ve heard the acronym ICAM or FICAM. It stands for the Federal Identity, Credential and Access Management standards outlined at https://gsa.github.io/ficam-arch/. These are a set of standards agencies should follow when it comes to identity management, items like using your PIV cards for authentication and providing audit frameworks. In …

Containers are (Not) Doomed Because of Dirty Cow, and Why Identity Management is Important For Mitigation

Marc Boorshtein | Cloud, Cloud Native, Identity Management, Kubernetes, Linux, Open Source, OpenShift, Red Hat

OK, sorry for the clickbait-style headline, but for the first blog of the new year I thought I’d have some fun. I came across a blog post on Twitter from @geek_king about this real nasty bug in the kernel that can give you root access to the host server, breaking out of your container. Is this a big …

Unison 1.0.8 Available

Marc Boorshtein | Amazon Web Services, Cloud, Cloud Native, Identity Management, Infrastructure as a Service, Kubernetes, Linux, Open Source, OpenShift, PaaS, ubuntu

We’re pleased to announce the immediate availability of Unison and OpenUnison 1.0.8. This release brings new features specifically aimed at Cloud Native systems: OpenID Connect support, both as a relying party and as an identity provider; Kubernetes SSO integration; MongoDB Support for storing authorization data and additional attributes outside of your corporate Active Directory; Identity Management for OpenShift and OpenStack …

OpenShift Compliance and Identity Management

Marc Boorshtein | Cloud, Cloud Native, Compliance, Identity Management, Implementation Costs, Open Source, OpenShift, Red Hat

The OpenShift team at Red Hat has put together a GREAT compliance guide for OpenShift. This doc does a great job detailing each control in NIST 800-53. There’s one major compliance issue that this document explicitly leaves to the “Organization” – identity management. As you go through this document you’ll notice that nearly every control that deals with identity management …

MyVirtualDirectory 1.0.0 Released

Marc Boorshtein | Cloud, Identity Management, Implementation Costs, Open Source, Uncategorized

I started MyVirtualDirectory nearly ten years ago as a hobby project to “keep my claws sharp” since I wasn’t doing much programming. Today I’m proud to announce that after multiple revamps, production deployments, and feature enhancements MyVD is now ready for 1.0.0! LDAP is the protocol that’s been “dead” or “dying”, depending on who is pontificating on the subject, for …

Tremolo Security at ISSA International in Dallas, Tx

Marc Boorshtein | Amazon Web Services, Cloud, Drupal, Identity Management, Implementation Costs, Infrastructure as a Service, Kubernetes, Linux, Open Source, OpenShift

We’re proud to be a sponsor this year of the Information Security System Association’s (ISSA) international conference. We’ll be in booth 707 and I’ll be presenting with my colleagues about the US National Capital Region’s Identity and Access Management Program (IAMS) at Secure User Application Access in a Hurry on Thursday November third at 11:30 am talking about just how quickly …

Kubernetes on Raspberry Pi II – Networking

Marc Boorshtein | Kubernetes, Linux, Open Source, PaaS, raspberry pi, ubuntu

After my last blog, I had thought I had this pretty much working. Not really. Once I got the API server and minion up and running I still needed to get networking running. The suggestion in the kubeadm install instructions says to use Weave. I know there are several networking plugins for Kubernetes, and I’ll be honest I don’t really know …