Minimizing Go WebAssembly Binary Size

In both of the previous posts I’ve described different aspects of WebAssembly. The first of the two explained what WebAssembly is and how to run a simple Go web application, with WebAssembly, in the browser. The second post was a Go WebAssembly performance benchmark. If you are unfamiliar with Go WebAssembly, I’d recommend reading the…

Go WebAssembly Performance Benchmark

In my previous post I explained what WebAssembly is and how to run a simple Go web application with WebAssembly in the browser. A question I had in mind during the writing of that post is if Go WebAssembly really is faster than JavaScript? In this post I’ll conduct a research and a Go WebAssembly…

Run Go In The Browser Using WebAssembly

I’ve heard about WebAssembly a while back at one of the GopherCon conferences. It has been a source of interest to me and I’ve been meaning to play around with it for a while – and now, the time has come! WebAssembly WebAssembly (abbreviated Wasm) is a binary instruction format for a stack-based virtual machine. Wasm…

Configure And Implement A Kubernetes Audits Webhook

This post is going to be mostly technical. By the end of it you should know exactly how to implement your own Kubernetes audits webhook. First off, if you need some background on Kubernetes auditing, I recommend reading my Kubernetes audits introduction post first. The reason for which I’m writing this post is because of…

Ambassador Container Design Hands On

When developing a cloud native application, we want it to serve a single purpose and be as simple as possible. For example, you would want to have a clear separation between your application logic and communications to remote services. This is where the ambassador container pattern comes in place.

The Death Of Kubernetes AuditSink

I’ll start this blog post with a funny story: my last blog post was an introduction to Kubernetes audits (which I recommend reading before diving into this post). As a continuing post, I wrote about what I thought to be the future of Kubernetes audits – the dynamic backend. Only to find out, a couple…

Kubernetes Audits Introduction

Monitoring the security aspects of a system as complex as Kubernetes can get frustrating. Especially when you want simple answers to simple questions (e.g., what happened? when did it happen?). That is exactly where Kubernetes audits come into place. In this blog post I will go over Kubernetes audits in detail: What are they exactly?…

Run AWS Lambda Serverless Functions Locally

Since I discovered AWS Lambda, or Serverless functions in general, I was always confused as to how should I run or debug these locally? I mean, there are several approaches as to how to do this, but some are only relevant to specific runtimes, while others don’t exactly imitate the environment that AWS supply. So,…

Go Seccomp Filters – Part 2

In the previous post you walked through an explanation on what syscalls are, what is seccomp and specifically what is a seccomp filter. If you are unfamiliar with seccomp filters or syscalls, I suggest you read the first part and then come back here. In this post, you’ll implement a seccomp filter on a Go…

Go Seccomp Filters – Part 1

In the following two blog posts series you are welcome to deep dive with me into applying seccomp filters on Go applications. Navigating your way bottom-up, these posts will give you a better understanding of what seccomp is. Hopefully, when finish reading this short, two-parts guide, you’ll be able to use it to protect your…