DevSecOps
K8s and Cloud Security: Compliance Just Ain’t Enough
Over just two years, breaches caused by cloud misconfigurations exposed 33.5 billion records and generated an estimated $5 trillion in damages. Amid rising cyberattacks and novel vulnerabilities, overlooking cloud and K8s security ...
Rapid7 Acquires Alcide in Bid to Unify Security
Rapid7 this week announced it has acquired Alcide, a provider of a platform for securing Kubernetes, for $50 million as part of an effort to unify cybersecurity across multiple platforms. Brian Johnson, ...
Canonical Allies With Docker Inc. on Secure Containers
Canonical has published a curated set of secure container application images on Docker Hub that it has committed to supporting for the next 10 years. The company vowed to fix within 24 ...
Containers Creating Major DevSecOps Challenge
Cyberattacks against containers have moved from being a potential cause for concern to an issue that will have a much greater material impact on the rate at which cloud-native applications are being ...
Accurics Adds Helm Charts, Kustomize Support to Security Tool
Accurics, provider of Terrascan static code analyzer for discovering vulnerabilities in code used to deploy infrastructure, added support for Kustomize and Helm Charts tools that are used to configure Kubernetes clusters and ...
IBM Advances DevSecOps in Cloud Service Based on Kubernetes
IBM this week added a Code Risk Analyzer feature to the IBM Cloud Continuous Delivery service that enables developers to analyze code in a Git repository within the context of a DevOps ...
Aqua Security Simplifies Kubernetes Security
Aqua Security today unveiled a Kubernetes Security Posture Management (KSPM) offering that provides IT teams with a set of policies and controls to automate configuration and compliance of Kubernetes clusters. In addition, ...
How Containers and Kubernetes Advance DevSecOps
Containers and Kubernetes have been two of the most exciting developments of recent years, and if implemented correctly, can vastly improve the efficiency and efficacy of development workflows. One of the key ...
SentinelOne Automates DevSecOps in Kubernetes Environments
SentinelOne this week announced it has added an Automated Application Control Engine that employs machine learning algorithms that only allows approved secure workloads to execute on a Kubernetes cluster. Guy Gertner, vice ...
Latest Docker Container Attack Highlights Remote Networking Flaws
A security flaw that provides a backdoor through which Docker containers can be compromised via unsecured remote connections may require IT teams to revisit their approach to DevSecOps. At the core of ...
