apparmor Mitigating the Damage in the Compromised Webserver using AppArmor In this post, you will get a very (very) detailed tutorial on how to confine the resource for an nginx server and the php fpm service on a compromised server to allow specific commands via webshell
access-control Confining Resources inside Docker Containers with AppArmor Can docker containers be protected via AppArmor? Well yes, they can and in fact, they are already being protected by apparmor in your serves. Learn more about how docker and apparmor works and make your existing docker setup more secure
apparmor Writing AppArmor Profile from Scratch Get a detailed walkthrough about writing the profile for a custom binary from scratch using AppArmor utilities like aa-genprof and aa-autodep
access-control Disallowing CAP_NET_RAW Capability for Root User using AppArmor Is root the ultimate user in Linux? You will get the answer to this question in a post by confining the cap_net_raw for ping command using AppArmor
linux Understanding AppArmor Kernel Enhancement AppArmor is an old, yet powerful security feature introduced in the Linux kernel in the late '90s to control resources for running programs rather than users. It can be used to easily mitigate the damage caused by adversaries. Learn the basics of the AppArmor and its components