<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/"><channel><title>Security on SRE Engineering Practice</title><link>https://www.sre.wang/en/tags/security/</link><description>Recent content in Security on SRE Engineering Practice</description><generator>Hugo -- gohugo.io</generator><language>en</language><lastBuildDate>Sat, 04 Jul 2026 10:59:00 +0800</lastBuildDate><atom:link href="https://www.sre.wang/en/tags/security/index.xml" rel="self" type="application/rss+xml"/><item><title>Kubernetes Security Hardening: RBAC, NetworkPolicy, and Pod Security Policies</title><link>https://www.sre.wang/en/posts/kubernetes-security-hardening/</link><pubDate>Sat, 04 Jul 2026 10:59:00 +0800</pubDate><guid>https://www.sre.wang/en/posts/kubernetes-security-hardening/</guid><description>Practical guide on kubernetes security hardening for SRE operations</description></item><item><title>Vulnerability Scanning in CI/CD: From Dependency Checks to Image Security</title><link>https://www.sre.wang/en/posts/vulnerability-scanning-cicd/</link><pubDate>Fri, 15 May 2026 14:38:00 +0800</pubDate><guid>https://www.sre.wang/en/posts/vulnerability-scanning-cicd/</guid><description>Practical guide on vulnerability scanning in ci/cd for SRE operations</description></item><item><title>Cloud Native Security: Container Security, Image Scanning, and Runtime Protection</title><link>https://www.sre.wang/en/posts/cloud-native-security-practices/</link><pubDate>Sun, 26 Oct 2025 21:10:00 +0800</pubDate><guid>https://www.sre.wang/en/posts/cloud-native-security-practices/</guid><description>Practical guide on cloud native security for SRE operations</description></item><item><title>TLS/SSL Certificate Management: From Application to Auto-Renewal</title><link>https://www.sre.wang/en/posts/tls-ssl-certificate-management/</link><pubDate>Sun, 14 Sep 2025 17:26:00 +0800</pubDate><guid>https://www.sre.wang/en/posts/tls-ssl-certificate-management/</guid><description>Practical guide on tls/ssl certificate management for SRE operations</description></item><item><title>Ansible Vault Password Management: A Practical Guide to Encrypting Sensitive Data</title><link>https://www.sre.wang/en/posts/ansible-vault-password-management/</link><pubDate>Thu, 05 Sep 2024 00:00:00 +0000</pubDate><guid>https://www.sre.wang/en/posts/ansible-vault-password-management/</guid><description>In-depth analysis of Ansible Vault encryption mechanism, covering password file management, multi-environment key isolation, CI/CD integration, and security auditing</description></item><item><title>Kubernetes RBAC and Security Contexts</title><link>https://www.sre.wang/en/posts/kubernetes-rbac-security/</link><pubDate>Thu, 02 May 2024 00:00:00 +0000</pubDate><guid>https://www.sre.wang/en/posts/kubernetes-rbac-security/</guid><description>From RBAC models and ServiceAccount management to Pod Security Standards, SecurityContext, NetworkPolicies, and audit logs—a comprehensive guide to Kubernetes cluster security hardening</description></item><item><title>SSH Security Best Practices: From Authentication to Tunneling</title><link>https://www.sre.wang/en/posts/linux-ssh-security-best-practices/</link><pubDate>Tue, 12 Dec 2023 00:00:00 +0000</pubDate><guid>https://www.sre.wang/en/posts/linux-ssh-security-best-practices/</guid><description>SSH key and certificate authentication, sshd_config hardening, bastion host, port forwarding and reverse tunnels, SSH Agent, audit logging, and Fail2ban — a complete practical guide</description></item></channel></rss>