Container Security

Kubescape Adds Vulnerability Scanning Capabilities
Kubescape, an end-to-end, open source security platform built on Kubernetes technology, has added new functionality to help scan for vulnerabilities. The platform, created by Israeli software developers from Armo, has become one ...

Keeping Kubernetes Data Safe, Sound and Actionable
As cloud-native development grows in popularity, organizations are on the hunt for tools to not only protect their containerized applications but to manage them, as well. They’ll be busy. IDC is projecting ...

5 Kubernetes Pain Points and How to Solve Them
Kubernetes is an open source orchestration platform for managing Linux containers in private, public and hybrid cloud environments. It is also commonly used to manage a microservices architecture. Containers and Kubernetes can ...

The Principle of Least Privilege in Cloud-Native Applications
Modern applications require modern security. Public cloud vendors are highly motivated to ensure their platforms are not the subject of security attacks that chip away at customers’ trust and well-being. In cloud-native ...

Learning From Kubernetes Vulnerabilities
As Kubernetes has become a widely popular and critical infrastructure component in the modern software stack for small to large organizations, it has also become more susceptible to attacks. Developers typically use ...

Kubernetes Security in Your CI/CD Pipeline
Kubernetes security involves implementing security measures and tools and adopting best practices for protecting Kubernetes workloads. Kubernetes is an open source container management platform across public, private and hybrid clouds. Organizations employ ...

CrowdStrike Details Sophisticated Container Cryptojacking Campaign
At the KubeCon + CloudNativeCon North America conference today, CrowdStrike revealed details of a complex cryptojacking campaign targeting vulnerable Docker and Kubernetes infrastructure. The campaign employs a combination of an obscure domain ...

5 Laws of Cloud-Native Authorization
In a microservices world, each service needs to verify that a subject (user or machine) has permission to perform an operation on a resource that the service manages. But in an agile ...

Vulnerability Management: Context From Code to Cloud
Almost all modern cloud-native applications are developed using open source components. And yet, security is not always the top priority for open source developers. While many vulnerabilities can be accidental (e.g., coding ...

Understanding Role-Based Access Control in Kubernetes
“I’m sorry Dave, I’m afraid I can’t do that.” – HAL 9000, 2001: A Space Odyssey This iconic quote from 2001: A Space Odyssey is a great place to start if you ...