Containers

Five Ways to Quickly Uncover Malicious Activity and Protect Your Kubernetes Workloads

Dec 12, 2019 By Manoj Ahuje In Tigera

Organizations are rapidly moving more and more mission-critical applications to Kubernetes (K8s) and the cloud to reduce costs, achieve faster deployment times, and improve operational efficiencies, but are struggling to achieve a strong security posture because of their inability to apply conventional security practices in the cloud environment. Commitment to cloud security grows, but security safeguards are not keeping up with the increased use of the various cloud platforms.

Read Post

Tigera

Read more about Five Ways to Quickly Uncover Malicious Activity and Protect Your Kubernetes Workloads

The 5 Must-Do's When Implementing Cloud-Native Security in Red Hat OpenShift

Dec 11, 2019 By Sysdig In Sysdig

Security is one of the biggest challenges in the day 2 operations journey for the cloud-native stack. New paradigms like containers, microservices and hybrid cloud workloads disrupt the way enterprises implement security processes.

View Video

Sysdig

Read more about The 5 Must-Do's When Implementing Cloud-Native Security in Red Hat OpenShift

Open Policy Agent in Practice: From Angular to OPA in Chef Automate

Dec 4, 2019 By Styra In Styra

From the Open Policy Agent Summit at KubeCon, Michael Sorens from Chef discusses how OPA provides granular authorization within applications:

View Video

Styra

Read more about Open Policy Agent in Practice: From Angular to OPA in Chef Automate

Open Policy Agent at Scale: How Pinterest Manages Policy Distribution

Dec 4, 2019 By Styra In Styra

From the Open Policy Agent Summit at KubeCon, Jeremy Krach and Will Fu discuss how OPA policies are authored, distributed, and utilized at Pinterest (service mesh, kafka, internal tools). They also cover lessons learned in the process.

View Video

Styra

Read more about Open Policy Agent at Scale: How Pinterest Manages Policy Distribution

TripAdvisor: Building a Testing Framework for Integrating Open Policy Agent into Kubernetes

Dec 4, 2019 By Styra In Styra

From the Open Policy Agent Summit at KubeCon, Luke Massa from TripAdvisor discusses how he leveraged OPA’s API and unit test framework. The example shown is a system in which you write k8s admission policy alongside some mock changes to the cluster, some of which should be accepted and some of which should not be, and then run code that tells you whether your policy matches your expectation.

View Video

Styra

Read more about TripAdvisor: Building a Testing Framework for Integrating Open Policy Agent into Kubernetes

Deploying Open Policy Agent at Atlassian

Dec 4, 2019 By Styra In Styra

From the Open Policy Agent Summit at KubeCon, Chris Stivers and Nicholas Higgins from Atlassian walk through their journey building a global authorization platform with Open Policy Agent and the help of Fluentd, S3, CDN's, Amazon Kinesis, and many more.

View Video

Styra

Read more about Deploying Open Policy Agent at Atlassian

Open Policy Agent for Policy-enabled Kubernetes and CICD

Dec 4, 2019 By Styra In Styra

From the Open Policy Agent Summit at KubeCon, Jiummy Ray from CapitalOne discusses how you can satisfy compliance, governance, and security requirements effectively with OPA.

View Video

Styra

Read more about Open Policy Agent for Policy-enabled Kubernetes and CICD

PSA: Beware of Exposing Ports in Docker

Dec 4, 2019 By Ben Meyer In Tripwire

Docker is an awesome technology, and it’s prevalent in nearly every software developer’s workflow. It is useful for creating identical environments and sharing them between development, testing, production, and others. It’s a great way to ship a reliable software environment between systems or even to customers. However, like with any technology, one must know how to be secure when using it.

Read Post

Tripwire

Read more about PSA: Beware of Exposing Ports in Docker

Modern compliance with Sysdig Secure DevOps Platform

Dec 2, 2019 By Josh Ziman In Sysdig

Authorization to Operate (ATO) in a day and on-going authorization are compliance nirvana. The ATO is the authorizing official’s statement that they accept the risk associated with the system running in production environments using live business data. The idea that all of the information necessary to make a risk decision is at hand and can be consumed by decision makers is what every compliance program is trying to achieve.

Read Post

Sysdig

Read more about Modern compliance with Sysdig Secure DevOps Platform

Inline Image Scanning for AWS CodePipeline and AWS CodeBuild

Nov 26, 2019 By Fede Barcelona In Sysdig

In this blog post you’ll learn how to set up image vulnerability scanning for AWS CodePipeline and AWS CodeBuild using Sysdig Secure DevOps Platform. AWS provides several tools for DevOps teams: CodeCommit for version control, CodeBuild for building and testing code, and CodeDeploy for automatic code deployment. The block on top of all these tools is CodePipeline that allows them to visualize and automate these different stages.

Read Post

Sysdig

Read more about Inline Image Scanning for AWS CodePipeline and AWS CodeBuild

Subscribe to Containers

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Containers

Five Ways to Quickly Uncover Malicious Activity and Protect Your Kubernetes Workloads

The 5 Must-Do's When Implementing Cloud-Native Security in Red Hat OpenShift

Open Policy Agent in Practice: From Angular to OPA in Chef Automate

Open Policy Agent at Scale: How Pinterest Manages Policy Distribution

TripAdvisor: Building a Testing Framework for Integrating Open Policy Agent into Kubernetes

Deploying Open Policy Agent at Atlassian

Open Policy Agent for Policy-enabled Kubernetes and CICD

PSA: Beware of Exposing Ports in Docker

Modern compliance with Sysdig Secure DevOps Platform

Inline Image Scanning for AWS CodePipeline and AWS CodeBuild

Monthly Archive

Follow Us