Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Managing Node.js Docker images in GitHub Packages using GitHub Actions

If you’re doing open source development today, chances are high that you’re active within the GitHub community — participating in open source projects and their repositories. A recent addition to the GitHub ecosystem is GitHub Packages, which was announced back in 2019 and is now receiving even more updates with the general availability of the GitHub Packages container registry.

Advanced Kubernetes Pod to Node Scheduling

In Kubernetes, the task of scheduling pods to specific nodes in the cluster is handled by the kube-scheduler. The default behavior of this component is to filter nodes based on the resource requests and limits of each container in the created pod. Feasible nodes are then scored to find the best candidate for the pod placement. In many scenarios, scheduling pods based on resource constraints is a desired behavior.

RBAC and ABAC with AWS IAM

This is a guest blog post from Shuo Yang in his blog series “Transitioning to Programming the Cloud”, as a part of our blog posts focusing on Identity, Security and Access. We talked about how AWS CIP, STS and IAM can serve as the foundation of application authorization in our last post, i.e., how the application gets the temporary credential representing a specific role (i.e.

Featured Post

Remote possibility: how to help remote staff achieve better work-life balance

The Covid-19 pandemic has dramatically altered working experiences and what we consider to be normal. Almost every industry has been affected and businesses were forced to scramble to find ways of operating at such a difficult time. Things have begun to improve, and we may be through the worst of the pandemic, but it has had a lingering effect.

CloudCasa Demo - How to Backup Kubernetes Persistent Volumes to CloudCasa

Learn how to back up Kubernetes Persistent Volumes to protect your data from ransomware attacks and for disaster recovery. Not only can CloudCasa create and manage Persistent Volume (PV) snapshots for you, but now you can back up those snapshots to our secure cloud storage as well. Just choose the “Snapshot and copy to CloudCasa” option when you create a Kubernetes backup job. You can also add this option to existing jobs by editing them.

Hardening AWS EKS security with RBAC, secure IMDS, and audit logging

Misconfigurations in infrastructure as code (IaC) can be just as dangerous as vulnerabilities in code. Small mistakes in configuration can lead to sensitive data being readable on the internet, or to private endpoints and dashboards being accessible to anonymous users and abused as the initial point of compromise. Recent security research findings indicate a rise in malware targeting the Kubernetes platform, which showcases the need for secure configuration.

Azure Cloud Storage, PV Backups, and Ransomware Protection with New CloudCasa Release

CloudCasa is a simple, scalable, and inexpensive cloud backup service for protecting your Kubernetes and cloud native applications. We worry about protecting your Kubernetes environment so that you don’t have to! Since the introduction of CloudCasa in November of last year, we’ve been making improvements and adding new features at a steady rate. The CloudCasa team has been very busy this spring, and we’re now pleased to announce yet another major release of new service features!

Use the Jenkins Credentials Binding Plugin to Protect Your Veracode Credentials

In this video, you will learn how to use the Jenkins Credentials Binding Plugin to hide your Veracode API credentials from the Jenkins interface and logs. You use the plugin to associate, or bind, your Veracode API credentials to environment variables and save them to the Jenkins credentials store. During a build, Jenkins uses the environment variables to secretly access your credentials. The Jenkins interface and logs only show the bound environment variables.

JFrog And Red Hat DevSecOps Security Series

Accurately detecting and mitigating security vulnerabilities is critical for any enterprise. JFrog’s ongoing collaboration with Red Hat provides the DevOps community with enterprise-grade DevSecOps capabilities, enabling you to deliver high-quality, more secure software anywhere. As part of the Red Hat DevSecOps Security Series, join us on July 1st for JFrog & Red Hat’s perspective on application analysis and how JFrog’s recently achieved Vulnerability Scanner Certification helps identify vulnerabilities in applications, images and configurations early in your lifecycle.