Kubernetes isn’t (just) fun and games anymore. It’s being rolled out for production; it’s mission-critical; and all the security and compliance rules and regulations of the old world need to somehow be retrofitted onto Kubernetes. Unfortunately, the old tools for access control like RBAC simply aren’t up to the challenge.

In September 2017, the National Institute of Standards and Technology (NIST) released Special Publication (SP) 800-190, Application Container Security Guide. NIST SP 800-190 explains the security concerns associated with container technologies and recommendations for the image details and container runtime security. It provides prescriptive details for various sections including image, registry, orchestrator, container and host OS countermeasures.

Today we’re announcing version 2.0 of the Sysdig Cloud-Native Visibility + Security platform. It provides a more powerful and significantly simpler way for enterprises to see the health, risk, and performance of their cloud-native environments in a single unified view.

Do you docker? Without a doubt, containers are one of the hottest concepts in application delivery and security these days. And that’s a very good thing. Containers have tremendous advantages over the way we have done things in the past. But how should containers influence a threat detection and response strategy? Do I need a larger “container security” strategy to get started deploying my apps using container architectures?

New technologies often require changes in security practices. What is remarkable about containers and Kubernetes, is that they also provide the potential for enhancing and improve existing security practices. In this post, I will share a model that we use at Nirmata to help customers understand security concerns and plan Kubernetes implementations that are secure.