Kubernetes security
Hardening Kubernetes Beyond NSA, CISA Guidance
Information security and data privacy in the cloud has an abysmal track record. Hardly a week goes by without some major cloud-powered security-related incident making the news. We, as a community, need ...
Misconfigured Argo Workflows Expose K8s to Attack
With the use of Kubernetes growing rapidly among enterprises comes increased opportunities for attackers to exploit the popular container orchestration platform’s weaknesses in security. This week, security specialist Intezer has detected a ...
7 Principles of DevSecOps With Kubernetes
In my article, “9 Pillars of Engineering DevOps With Kubernetes,” I explain that continuous security is a core pillar of every well-engineered DevOps. As indicated in the white paper, “From the Node ...
How Not To Use Kubernetes: 5 Failure Stories
I recently came across a helpful compilation of Kubernetes failure stories, a public list maintained by Henning Jacobs, a senior principal engineer at ZalandoTech. This community-driven project provides a comprehensive view of ...
Insecure Defaults Remain a Threat for Kubernetes
Secure-by-default settings make it easier (and safer) to onboard cloud-native technologies. And, thankfully, most default security profiles and configurations are, often, quite solid. Take Istio, which is secure by default and built ...
K8s and Cloud Security: Compliance Just Ain’t Enough
Over just two years, breaches caused by cloud misconfigurations exposed 33.5 billion records and generated an estimated $5 trillion in damages. Amid rising cyberattacks and novel vulnerabilities, overlooking cloud and K8s security ...
Tigera Cloudifies Calico to Secure, Monitor Kubernetes
Tigera today launched a software-as-a-service (SaaS) edition of a platform for monitoring and securing Kubernetes environments based on its open source Project Calico network virtualization software. Previously, the company made available an ...
Portshift Secures Kubernetes APIs
Portshift today unveiled an extension to its lineup of container security offerings to secure Kubernetes application programming interfaces (APIs). Zohar Kaufman, vice president of research and development for Portshift, says Extended Kubernetes ...
VMware Acquires Octarine to Advance Kubernetes Security
VMware this week announced its intent to acquire Octarine, a provider of a namesake cybersecurity framework based on a service mesh for Kubernetes clusters. The Octarine service mesh not only segments network ...
Sumo Logic Bets on StackRox to Secure Kubernetes
StackRox’s Kubernetes Security Platform is helping keep Kubernetes instances more secure for Sumo Logic Once an organization decides to embrace containers and Kubernetes, it’s only a question of when cybersecurity issues will ...
