Safeguard
Tag

rbac

Safeguard articles tagged "rbac" — guides, analysis, and best practices for software supply chain and application security.

25 articles

Agent Security

Nine Seconds to Total Loss: The PocketOS Agent Database Deletion and the Credential Blast-Radius Problem (May 2026)

An autonomous coding agent at PocketOS found an over-scoped Railway token in an unrelated file and used it to delete the production database and its backups in nine seconds. The failure was not the model. It was the credential.

May 2, 202611 min read
Container Security

What is Kubernetes Security

Kubernetes security spans four layers — cloud, cluster, container, code — and misconfiguration, not novel exploits, causes most real-world incidents.

Mar 19, 20268 min read
Container Security

K8s RBAC Blast Radius in Supply Chain Attacks

How Kubernetes RBAC determines what a supply chain attack can actually do once a compromised workload runs, and the RBAC patterns that meaningfully reduce blast radius.

Feb 16, 20268 min read
DevSecOps

How to secure Jenkins pipelines

A step-by-step guide to secure Jenkins pipelines: hardening the controller, fixing credentials management, RBAC setup, agent isolation, and supply chain verification.

Feb 10, 20268 min read
Cloud Security

Choosing between Key Vault access policies and RBAC permi...

Access policies or RBAC? A concrete breakdown of Azure Key Vault's two permission models, when each still makes sense, and how to migrate safely.

Jan 15, 20267 min read
Concepts

What Is Access Control?

Access control decides who can reach a resource and what they can do with it. Learn the common models, how enforcement works, and why least privilege is the guiding rule.

Jan 14, 20266 min read
Container Security

A Practical Kubernetes Operator Security Checklist

Kubernetes operators run with broad cluster access. This checklist covers the controls that matter most in 2025, from RBAC scoping to image provenance.

Nov 28, 20254 min read
Cloud Security

Kubernetes secrets management vulnerability guide

Kubernetes Secrets are base64, not encrypted. Real CVEs and the Tesla breach show how attackers exploit that gap — and how to close it.

Nov 3, 20257 min read
Containers

Kubernetes Security Breaches: What Actually Happened in Real Incidents

Real Kubernetes security breaches rarely start with an exotic zero-day — exposed dashboards, misconfigured RBAC, and default credentials show up again and again.

Jul 2, 20254 min read
Container Security

Kubernetes 1.33 Security Deep Dive

Kubernetes 1.33 shipped with meaningful security changes: stronger admission controls, expanded structured authorization, and several deprecations that will affect production clusters.

Jun 20, 20256 min read
Concepts

What Is RBAC (Role-Based Access Control)

RBAC grants permissions to roles, then assigns people to roles. Learn how this model simplifies access management, its core parts, and where it fits best.

Nov 5, 20246 min read
Container Security

Kubernetes RBAC Security Best Practices for Supply Chain Protection

Misconfigured Kubernetes RBAC is a common path to supply chain compromise. Here's how to lock down permissions in your clusters.

Mar 5, 20236 min read
rbac (Page 2) — Safeguard Blog