Kubernetes service ownership

How DevSecOps Enabled Kubernetes Service Ownership

While it’s true software development is now among the most important industries in the country—if not the world—it is still undergoing its own transformation—especially with regards to DevOps, security and the emerging ...
Anchore Grype API NetApp Spot

Anchore Delivers Container Security Integration for GitLab

Anchore has made its open source Grype vulnerability scanner tool for containers generally available for DevOps teams that are running the latest version of the GitLab continuous integration/continuous delivery (CI/CD) platform. Anchore ...
Cloud-Native Security Best Practices

Taking Cloud-Native Security to the Next Level

It’s no secret that containers and Kubernetes offer unparalleled speed and agility. As organizations look to the technology for the ability to scale and deliver modern applications, Gartner predicts containers will be ...
Kong Styra service mesh TriggerMesh Launches Open Source Knative Lambda Sources

Loft Labs Launches Open Source K8s Compliance Project

Loft Labs today launched jsPolicy as an open source project to enable compliance in Kubernetes environments to be achieved using code written in JavaScript. Lukas Gentele, Loft Labs CEO, says jsPolicy differs ...
Containers Security Gaps Priority

Containers Practices Gap Assessment

Containerizing software has proven benefits for DevOps value streams. To get the maximum value from containers, it is important to use recommended best practices, inclusive of people, processes and technologies. A gap ...
Siloscape security-as-code Docker

Leveling Up Container Security with Security-as-Code

As more organizations adopt a microservices deployment model, they’re also adopting infrastructure-as-code (IaC) to streamline continuous delivery. IaC codifies configurations to automate the deployment and provisioning of services. But how about security-as-code? ...
CNCF security secure Kubernetes

7 Principles of DevSecOps With Kubernetes

In my article, “9 Pillars of Engineering DevOps With Kubernetes,” I explain that continuous security is a core pillar of every well-engineered DevOps. As indicated in the white paper, “From the Node ...
stateful kubernetes k8s Kublr

K8s and Cloud Security: Compliance Just Ain’t Enough

Over just two years, breaches caused by cloud misconfigurations exposed 33.5 billion records and generated an estimated $5 trillion in damages. Amid rising cyberattacks and novel vulnerabilities, overlooking cloud and K8s security ...
Rapid7 container security

Rapid7 Acquires Alcide in Bid to Unify Security

Rapid7 this week announced it has acquired Alcide, a provider of a platform for securing Kubernetes, for $50 million as part of an effort to unify cybersecurity across multiple platforms. Brian Johnson, ...
Siloscape security-as-code Docker

Canonical Allies With Docker Inc. on Secure Containers

Canonical has published a curated set of secure container application images on Docker Hub that it has committed to supporting for the next 10 years. The company vowed to fix within 24 ...