compliance
Navigating Compliance Challenges in a DevOps World
Less than three months after Kubernetes’ first serious security vulnerability was discovered, news broke out about a new and even more severe container escape vulnerability impacting runC (details can be found here) ...
StackRox Advances Kubernetes Compliance Management
StackRox this week extended the reach of its container security platform into the realm of compliance by adding the ability to automatically check whether a cloud-native application includes the controls required by ...
Best Practices for PCI Compliance in a Container Environment
The PCI DSS compliance framework dates back to the mid-2000s, well before anyone was talking about containers. This does not mean, however, that PCI compliance doesn’t affect you if you’re running a ...
Best Practices for HIPAA Compliance in a Containerized Environment
The HIPAA compliance framework is somewhat infamous for setting high-level requirements regarding healthcare data and privacy without recommending specific ways of meeting those requirements. That tendency leaves many developers, admins and DevOps ...
Tripwire Takes on Container Compliance Challenge
As part of a bid to embed DevSecOps and compliance into the earliest stages of the Docker image build process, Tripwire is making available a Container Analyzer Service under an early access ...
Capital One Gets Into Container Orchestration Platform Game
There’s no shortage of container orchestration platforms these days, but most of them don’t go beyond managing the containers themselves. Capital One Financial Corp., however, is offering its own orchestration platform the ...
Aqua Security Bolsters Container Security
Now that containers are showing up with increased frequency in production environments, the challenges associated with securing those containers are becoming more apparent to developers and IT security teams alike. The latest ...
Take a DevOps-first Approach to Security that Leverages Containers
Implementing a DevOps-first approach can drive competitiveness while creating a more secure environment As famous cryptographer Bruce Schneier once said, “Security is a process, not a state or a product.” It is ...
Sonatype Takes on Container Governance
As usage of containers continues to proliferate across the enterprise there will be some natural shifting of management responsibility between developers and IT operations teams in many organizations. In fact, most developers ...
Docker Containers, Security and Compliance
Can you use Docker containers for workloads that require PCI, HIPAA or other compliance? Answer: absolutely. Here’s why. As Docker becomes an increasingly big deal for enterprises, more compliance questions are arising ...