Hot Topics

ECS Vs. Plain Kubernetes: 5 Key Differences and How to Choose
CNCF Survey Surfaces Cloud-Native Training Conundrum
Not Your Grandpa’s Packet Filter: eBPF in Cloud-Native Networking
Red Hat Previews OpenShift Platform for AI Models
Getting Started With Kubecost: Open Source Cost Management for K8s

Nathan Eddy is a Berlin-based filmmaker and freelance journalist specializing in enterprise IT and security issues, health care IT and architecture.

PerfectScale Rafay Systems Kubecost Granulate Platform9 Kubernetes Cost Controls

Overprovisioning of Containerized Applications Adds to Cloud Costs

Organizations are struggling with cloud cost management for Kubernetes, with the inability to scale back once application demand drops as one of the major drivers of wasted cloud spending. This was one ...

Nathan Eddy | December 16, 2022 | cloud cost management, kubernetes, Kubernetes management, provisioning

Linux Kernel Bug Allows Kubernetes Container Escape

Hackers could exploit a Linux kernel bug to escape Kubernetes containers and access critical resources; however, the threat is minimized as any attacker needs to have the specific Linux capability CAP_SYS_ADMIN. The ...

Nathan Eddy | January 31, 2022 | Container Linux, container security, container vulnerability, kubernetes, Linux kernel

Quali OutSystems Spectro Cloud IaC Kubernetes audit

Kubernetes Users See Serverless Future

As a growing number of organizations deploy services and applications on Kubernetes, hybrid and multi-cloud environments are also seeing increased rates of adoption as well as an interest in serverless technology. A ...

Nathan Eddy | August 27, 2021 | cloud, Cockroach Labs, kubernetes, Red Hat OpenShift, serverless computing

DevSecOps authorization incident Deepfence misconfigured Kubernetes security

Misconfigured Argo Workflows Expose K8s to Attack

With the use of Kubernetes growing rapidly among enterprises comes increased opportunities for attackers to exploit the popular container orchestration platform’s weaknesses in security. This week, security specialist Intezer has detected a ...

Nathan Eddy | July 23, 2021 | Argo, container security, Kubernetes security

Techstrong TV – Live

Click full-screen to enable volume control

Watch latest episodes and shows

UPCOMING WEBINARS

CloudNativeNow.com
DevOps.com
SecurityBoulevard.com

Managing Security Posture and Entitlements in the Cloud

19 October 2023

Federating access and ensuring compliance across multi-cloud and hybrid environments is a challenge. This is especially true without proper visibility and processes in place to understand what’s being deployed and how to maintain least-privilege access. Credentials are the number-one attack vector in the cloud, and threat actors are increasingly using The post Managing Security Posture and Entitlements in the Cloud appeared first on Cloud Native Now. [...]

Live Workshop on ‘SCA 2.0’: Using Runtime Analysis to Find High-Risk SCA Vulnerabilities

18 October 2023

Picture this: Your application is composed of 12 Docker containers. Together, they have 400 packages. Your SCA scan detects 120 critical and high vulnerabilities. Your dev team doesn’t have the cycles to fix all of them in time. How do you identify which vulnerabilities truly represent higher risk? In this The post Live Workshop on ‘SCA 2.0’: Using Runtime Analysis to Find High-Risk SCA Vulnerabilities appeared first on Cloud Native Now. [...]

Securing Cloud-Native Workloads: A Deep Dive into Achieving Zero Trust Through Effective Policies on AWS

12 October 2023

Join our upcoming program, where we delve into the intricacies of implementing Zero Trust security principles for cloud-native workloads on AWS. In this session, our experts will discuss the key elements of Zero Trust, emphasizing the role of well-defined policies in bolstering security. The post Securing Cloud-Native Workloads: A Deep Dive into Achieving Zero Trust Through Effective Policies on AWS appeared first on Cloud Native Now. [...]

Explaining the Business Value of Cloud Native to Your Boss

5 October 2023

Your business only cares if the app is running. But it takes a lot of tooling to make that happen and as DevOps, platform engineers and SREs, we need the ability to clearly articulate the business value of why you need Kubernetes, automation and cost tooling, or why your current The post Explaining the Business Value of Cloud Native to Your Boss appeared first on Cloud Native Now. [...]

SRE – Chaos Engineering (APAC)

5 October 2023

The post SRE – Chaos Engineering (APAC) appeared first on Cloud Native Now. [...]

A Guide to Smart Dependency Management

28 September 2023

Dependencies play an important role in the software development life cycle. The use of pre-built, often third-party components are used at various stages such as development, execution and testing. These software dependencies offer several benefits for software developers. They help devs deliver software quickly by providing pre-built functionality and extend the project’s capabilities. However, dependencies […] [...]

How Service Management Improves Cybersecurity

28 September 2023

Improve Software Quality with Application Governance

28 September 2023

Managing applications and implementing DevOps in a regulated industry can be incredibly taxing. Our industry experts have seen first-hand how the same regulatory requirements can be interpreted in different ways by different companies, even those within the same industry and similar risk profiles that the controls are intended to handle. Within many companies (of a […] [...]

AWS and Sumo Logic: Observability With OpenTelemetry

26 September 2023

Collecting the data that you need for monitoring and troubleshooting your applications is the first step of your observability journey. OpenTelemetry (OTel), an open source project that aims to unify collection for logs, metrics and traces, is changing the observability landscape as it establishes itself as the industry standard for instrumentation, collection and correlation of […] [...]

How PRINCE2 Improves Cybersecurity

26 September 2023

Once a vulnerability is discovered a methodical approach to first discovering every instance where that vulnerability might exist, and then how to ensure remediation needs to be put in place. PRINCE2 provides the foundation for ensuring cybersecurity is consistently attained and maintained in an ear where the number of cybersecurity projects that need to be […] [...]

When Seconds Matter: Real-Time Cloud Security With AWS and Sysdig

24 October 2023

Security leaders are wrestling with managing and mitigating cloud risk. Cloud brings speed and automation, but adversaries are moving faster than ever. Seconds matter. Organizations are finding that a disjointed patchwork of tools slows response and leaves too many security gaps. A new approach is needed to streamline cloud security operations, reduce alert fatigue and.. The post When Seconds Matter: Real-Time Cloud Security With AWS and Sysdig appeared first on Security Boulevard. [...]

Managing Security Posture and Entitlements in the Cloud

19 October 2023

Federating access and ensuring compliance across multi-cloud and hybrid environments is a challenge. This is especially true without proper visibility and processes in place to understand what’s being deployed and how to maintain least-privilege access. Credentials are the number-one attack vector in the cloud, and threat actors are increasingly using zero-day vulnerabilities to gain access.. The post Managing Security Posture and Entitlements in the Cloud appeared first on Security Boulevard. [...]

Live Workshop on ‘SCA 2.0’: Using Runtime Analysis to Find High-Risk SCA Vulnerabilities

18 October 2023

Picture this: Your application is composed of 12 Docker containers. Together, they have 400 packages. Your SCA scan detects 120 critical and high vulnerabilities. Your dev team doesn’t have the cycles to fix all of them in time. How do you identify which vulnerabilities truly represent higher risk? In this hands-on workshop, Deepfactor’s VP of.. The post Live Workshop on ‘SCA 2.0’: Using Runtime Analysis to Find High-Risk SCA Vulnerabilities appeared first on Security Boulevard. [...]

Securing Cloud-Native Applications Across the Software Development Life Cycle

17 October 2023

Cloud-native applications open a new frontier for application risk from multiple sources. Risk reduction approaches for cloud-native applications need to take a holistic approach to the software development lifecycle to be effective. In this webinar you will learn: Why this involves finding and remediating risks as they are introduced, from coding with secure practices to.. The post Securing Cloud-Native Applications Across the Software Development Life Cycle appeared first on Security Boulevard. [...]

Shadow Access: Where IAM Meets Cloud Security

16 October 2023

Cloud, application data, AI, and third-party access are growing concerns that create identity and access management (IAM) blind spots. These cloud IAM blind spots represent an ever-expanding threat vector to cloud security, enabling unmonitored, unauthorized ‘shadow access’ and the potential for data exposure. Cloud security and cloud operations teams need to regain visibility and control.. The post Shadow Access: Where IAM Meets Cloud Security appeared first on Security Boulevard. [...]

Nathan Eddy is a Berlin-based filmmaker and freelance journalist specializing in enterprise IT and security issues, health care IT and architecture.

CNCF Graduates KEDA Autoscaler for Kubernetes Clusters

Cloud Isn’t That Simple Anymore: Polycloud Vs. Sky Computing

Mastering Microservices: 7 Considerations for Implementing Sidecar Containers

Datadog Report Shows More Reliance on Serverless Computing

Cosmonic Commits to Next Iteration of Wasm Standard