container security
Upgrading Your Secrets Management
With recent security breaches like Heroku’s GitHub keys being compromised or CircleCI’s environment variable leaks, we’re all asking ourselves how to better safeguard infrastructure secrets. At incident.io, these events made us want ...
10 Ways Cloud-Native Development Changes Cybersecurity
As more organizations today transition to cloud-native development patterns, cybersecurity teams are scrambling to keep up. Cloud-native infrastructure, applications and developer workflows fundamentally change cybersecurity in so many ways. These changes offer ...
Securing Containers: Security Testing, API Gateway, Service Mesh and More
Containers are a way to package and distribute software applications. They allow for the isolation of dependencies and system libraries, making it easier to run the application consistently across different environments, such ...
Keeping Container Applications Secure in the Cloud
The world of cloud computing has revolutionized the way organizations build, deploy, and run their applications. At the heart of this revolution are containers, which offer numerous benefits like scalability, portability, and ...
Kubernetes Security: The Two-Question Test
As we approach KubeConEU 2023, it’s useful to look back at all the progress that’s been made with Kubernetes since the original KubeCon in 2015. We’ve seen the project mature over 26 ...
Are Your Kubernetes Workloads Secure? Unsettling Trends in Latest Benchmark
The World Economic Forum says that, despite the economic downturn, we should be prioritizing digital transformation because it enables growth and innovation. Inevitably, digital transformation plans today rely on the scalability and ...
DevSecOps Use Cases for AI-Assisted Kubernetes
As indicated in my blog DevOps Use Cases for AI-Assisted Kubernetes, an AI-assisted Kubernetes orchestrator has a number of different use cases to optimize cloud costs for DevOps, DevSecOps and SRE. This ...
Tigera Looks to Secure Kubernetes Runtime Environments
Tigera today added a Calico Runtime Threat Defense platform for securing Kubernetes runtimes using a combination of signature and behavior-based techniques. Utpal Bhatt, chief marketing officer for Tigera, says this latest addition ...
Just-in-Time Permissions in Microservices-Based Applications
In a previous article, we discussed keeping microservices secure, even from themselves. But what else can you do to keep your application free of vulnerabilities that could be exploited by bad actors? ...
Sysdig Report Surfaces Major Lack of Container Security
A new Sysdig report finds 87% of container images have high-risk vulnerabilities of which 15% make their way into runtime environments. The report also finds that 71% of those vulnerabilities have a ...