cloud-native IBM Kubernetes

4 Pillars of Cloud-Native Security

Many enterprise IT organizations today rely on traditional security policies and tools that were not built to deal with the change, scale and complexity of cloud-native environments. While it’s hard to believe, ...
security-as-code Docker

Leveling Up Container Security with Security-as-Code

As more organizations adopt a microservices deployment model, they’re also adopting infrastructure-as-code (IaC) to streamline continuous delivery. IaC codifies configurations to automate the deployment and provisioning of services. But how about security-as-code? ...
VMware container security

Container Security Market Poised for Major Growth

Many enterprises and large organizations are on the lookout for cloud-native security startups to add to their portfolios. From Cisco, which acquired PortShift and Banzai Cloud in late 2020, to Rapid7, which ...
CyberArk pen testing Accurics

CyberArk Unveils Open Source Pen Testing Tool for Kubernetes

CyberArk today launched an open source penetration testing framework, dubbed Kubesploit, for testing Kubernetes environments. Eviatar Gerzi, a cybersecurity researcher at CyberArk Labs, says that as more instances of Kubernetes clusters are ...
VMware container security

VMware Adds Container Scanning Tool to Security Platform

VMware today announced it has added a VMware Carbon Black Cloud Container offering that makes it possible to scan containers and Kubernetes configurations within the context of a DevSecOps workflow. Shemer Schwarz, ...
Sophos Kubernetes threats

Sophos Adds Ability to Scan Container Images

Sophos this week announced it is extending its Cloud Optix service for cloud security posture management (CSPM) to include support for container image scanning. Richard Beckett, senior product marketing manager for public ...
secure Kubernetes

7 Principles of DevSecOps With Kubernetes

In my article, “9 Pillars of Engineering DevOps With Kubernetes,” I explain that continuous security is a core pillar of every well-engineered DevOps. As indicated in the white paper, “From the Node ...
Rookout Brings Debugging Tools to Kubernetes

3 Considerations for Container Debugging

Debugging is a major, critical challenge for software developers. The shift to highly distributed operations in containerized cloud environments over the last year of the pandemic has further complicated the debugging process ...
Kubernetes Security Flaw

Insecure Defaults Remain a Threat for Kubernetes

Secure-by-default settings make it easier (and safer) to onboard cloud-native technologies. And, thankfully, most default security profiles and configurations are, often, quite solid. Take Istio, which is secure by default and built ...
control plane Kubermatic Crossplane

Kubermatic Kubernetes Platform Supports OPA Integration 

Kubernetes’ drawbacks — the enormous advantages it offers, aside— include missing universal security management features, both for clusters and the containers it was designed to orchestrate. Historically, completely different APIs, tools and ...