Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Securing kubectl on Remote Kubernetes Clusters Without Static Credentials or VPNs

Fleets of robots, drones, EV chargers, and sensors now run K3s or MicroK8s on the device itself, bringing container orchestration to hardware deployed in warehouses, cell towers, and customer sites around the world. Engineers need kubectl to debug and manage containerized workloads on those devices in the field. But because each cluster requires a kubeconfig file, and every kubeconfig file is a shared static credential, risk grows with each new device added to the fleet.

How Teleport Operationalizes the EU Cyber Resilience Act's Secure-by-Design Mandate

The EU Cyber Resilience Act (CRA) enters its enforcement window in 2027, but preparations should start now. ENISA's Secure by Design and Default Playbook (v0.4, March 2026) translates the CRA's legal text into 22 actionable security playbooks, structured around architectural foundations, operational integrity, default hardening, and guided protection. Together, they represent the most prescriptive infrastructure security framework the EU has ever published.

GitProtect 2.4.0: Complete QA Protection in Azure DevOps, FIPS-Compliant Encryption, and More

The new 2.4.0 release delivers complete protection for your entire Quality Assurance (QA) workloads in Azure DevOps. Teams on platforms hosted locally in Windows can now secure them with the AES encryption compliant with the federal, enterprise-grade FIPS standards. This release also packs other notable upgrades, including seamless Active Directory integration, a smarter repository exclusion mechanism, and full German language support. Dive into the full breakdown below.

The Room Where V2 Happens

I ran the same internal AI workshop twice in one week. Same content, same agenda, same Zoom link, just offered at multiple times to cover different schedules. By the second session, half of my material was wrong. Between the two scheduled sessions, something had changed. In the first session we couldn't use the skills feature in Claude. By the second, we could. Nothing dramatic happened.

IAM for DevOps: How to Secure Distributed Teams, CI/CD Pipelines, and Privileged Access

Your DevOps team doesn't log into one app from one office. They're in cloud consoles, Git repos, CI/CD pipelines, and production, often at 2 am, often from home. IAM for DevOps has to work for that reality, not the one from 2016. Traditional identity and access management was built for employees signing into a handful of business apps from a managed laptop. But the DevOps team blew past that model years ago.

Independence is the moat

Why the independent layer keeps winning as the models get better, not despite them. This series has been building to one question, and it is the objection every honest reader has been holding since the first piece. If the frontier models keep getting better this fast, why does an independent security layer keep winning? Why not wait for the model that writes safe code and verifies its own work?

How the TLS handshake works, and why half of it is gone

Every HTTPS connection starts with a TLS handshake. It’s the security check, answering “are you who you say you are?” and “how are we going to keep this conversation secret?”. There’s a lot going on during the handshake, and there used to be even more before it all got hacked and removed. And that’s useful to understand, the modern TLS 1.3 handshake is short because everything else got compromised.

6 Incidents that Prove DevOps in Healthcare Needs a Recovery Plan

Healthcare cybersecurity is usually discussed in terms of patient data and regulations like HIPAA. But software teams in healthcare need to protect the development layer with the same rigor. After an incident, teams need a trusted record of the codebase and the project context around it. Without this safeguard, they’re guessing at what changed and what’s safe to restore.

Why You Must Still Review AI Code

In this video, we break down why skipping code reviews is a massive mistake that will ultimately slow you down, leave you vulnerable, and compromise your system's accountability. We dive into three concrete reasons why reviewing AI-generated pull requests actually makes you a faster, safer developer, including a real-world story of a production bug caught in under 90 seconds. Resources Chapters.