Many enterprise IT organizations today rely on traditional security policies and tools that were not built to deal with the change, scale and complexity of cloud-native environments. While it’s hard to believe, ...

As more organizations adopt a microservices deployment model, they’re also adopting infrastructure-as-code (IaC) to streamline continuous delivery. IaC codifies configurations to automate the deployment and provisioning of services. But how about security-as-code? ...

Many enterprises and large organizations are on the lookout for cloud-native security startups to add to their portfolios. From Cisco, which acquired PortShift and Banzai Cloud in late 2020, to Rapid7, which ...

CyberArk today launched an open source penetration testing framework, dubbed Kubesploit, for testing Kubernetes environments. Eviatar Gerzi, a cybersecurity researcher at CyberArk Labs, says that as more instances of Kubernetes clusters are ...

VMware today announced it has added a VMware Carbon Black Cloud Container offering that makes it possible to scan containers and Kubernetes configurations within the context of a DevSecOps workflow. Shemer Schwarz, ...

Sophos this week announced it is extending its Cloud Optix service for cloud security posture management (CSPM) to include support for container image scanning. Richard Beckett, senior product marketing manager for public ...

In my article, “9 Pillars of Engineering DevOps With Kubernetes,” I explain that continuous security is a core pillar of every well-engineered DevOps. As indicated in the white paper, “From the Node ...

Debugging is a major, critical challenge for software developers. The shift to highly distributed operations in containerized cloud environments over the last year of the pandemic has further complicated the debugging process ...

Secure-by-default settings make it easier (and safer) to onboard cloud-native technologies. And, thankfully, most default security profiles and configurations are, often, quite solid. Take Istio, which is secure by default and built ...

Kubernetes’ drawbacks — the enormous advantages it offers, aside— include missing universal security management features, both for clusters and the containers it was designed to orchestrate. Historically, completely different APIs, tools and ...