Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Tigera

tigera

Using the MITRE ATT&CK framework to understand container security

As innovations in the world of application development and data computation grow every year, the “attack surface” of these technologies grows as well. The attack surface has to be understood from two sides—from the attacker’s side and from the organization being attacked.

tigera

3 container security best practices to strengthen your overall security posture

Container environments are highly dynamic and require continuous monitoring, observability, and security. Since container security is a continuous practice, it should be fully integrated into the entire development and deployment cycle. Implementing security as an integral part of this cycle allows you to mitigate risk and reduce the number of vulnerabilities across the dynamic and complex attack surface containers present.

tigera

Zero trust in the cloud: Best practices and potential pitfalls

Architecturally speaking, cloud-native applications are broken down into smaller components that are highly dynamic, distributed, and ephemeral. Because each of these components is communicating with other components inside or outside the cluster, this architecture introduces new attack vectors that are difficult to protect against using a traditional perimeter-based approach.

tigera

Vulnerability management: 3 best practices and tips for image building and scanning

As enterprises adopt containers, microservices, and Kubernetes for cloud-native applications, vulnerability management is crucial to improve the security posture of containerized workloads throughout build, deploy, and runtime. Securing your build artifacts and deployment pipeline, especially when it comes to images, is extremely important.

tigera

What's new in Calico Cloud: General availability of new container security features

Summer is almost over but we are bringing the heat back with the official release of Tigera’s new container security features. With this official launch, Calico leads the industry by offering a complete line of solutions across every stage of a cloud-native application CI/CD pipeline.

tigera

Implementing zero-trust workload security on Amazon EKS with Calico

Whether you’re migrating to the cloud via lift-and-shift deployments, or re-architecting to a cloud-native architecture, the migration itself and adopting a microservices architecture is no easy feat. To accelerate their cloud-native journey, many organizations opt for a managed Kubernetes service, as the skill and resources required to run a container orchestration system at scale are demanding.

tigera

Quick and easy vulnerability management with Calico Cloud

As more enterprises adopt containers, microservices, and Kubernetes for their cloud-native applications, they need to be aware of the vulnerabilities in container images during build and runtime that can be exploited. In this blog, I will demonstrate how you can implement vulnerability management in CI/CD pipelines, perform image assurance during build time, and enforce runtime threat defense to protect your workloads from security threats.

tigera

Getting started with container security

A couple of days ago, I was checking my Twitter feed and saw a tweet from someone saying how frustrated he was that DockerHub (a renowned container registry) was down. Someone else replied to the tweet, recommending the tweet’s author to check out Google’s repository, where they have DockerHub mirrors in Google Cloud.

tigera

Why your security teams are not ready for containers and Kubernetes, and what you can do about it

From a people perspective and an organizational standpoint, many CISOs have said that their security teams are not ready for containers and Kubernetes. This isn’t surprising, given the stark contrast between where we were less than a decade ago and where we are today in terms of systems architecture. I am of course referring to the cloud-native era, which has ushered in a whole new architectural approach.