• 0 Posts
  • 11 Comments
Joined 1 year ago
cake
Cake day: August 28th, 2023

help-circle



  • starneldtocybersecurityWhat are You Working on Wednesday
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    My preference is for the native AWS WAF as we already use it. The rub comes from how the cluster is architected which would mean we’d have an ALB ingress per application - the prohibitive cost is purely the extra ALBs that would be created. Though I literally just heard it’s not going to be as bad as initially forecast so ¯_(ツ)_/¯

    My original curiosity was if any of the K8s specific WAFs are any good, for example Prophaze.


  • starneldtocybersecurityWhat are You Working on Wednesday
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    Trying to find a suitable WAF for AWS EKS. Any suggestions?

    One of the teams has a cluster built with the nginx ingress which uses classic load balancers. Shifting them to the AWS ingress (which uses ALBs enabling our AWS WAF to apply) looks like it’ll be massively expensive due to the blow out in load balancer costs - but it gets us a WAF we already use across everything else. Other option is to find a WAF specifically for EKS and shift all clusters to that.






  • Search engine or browser? For browsers I’ll use Firefox, but if I’m logging into anything I’ll usually use Chrome or Safari. I’ll also use Tor browser sometimes.

    On the search engine side, I’ll generally use DuckDuckGo but I’m trying out Kagi to see if it’s worth paying for.