Digging into the OCI Image Specification

The OCI Image Specification is the core concept behind container images. However, not much is known about it even though container technologies are becoming more and more popular. In this blogpost we will demystify it and look into its internals.

more ...

Digging Into Runtimes – runc

Everyone knows about Docker but not a lot of people are aware of the underlying technologies used by it. In this blogpost we will analyze one of the most fundamental and powerful technologies hidden behind Docker - runc.

more ...

Kubernetes and HostPath, a Love-Hate Relationship

This article traces the history of three Kubernetes-related vulnerabilities. Explaining what they are, how they were patched, and how they are related. The exploitation of these vulnerabilities allowed access to the underlying host filesystem for users that were not properly authorized.

more ...