DevSecOps Archives

Docker Hub, container images, Ensuring Container Security

JFrog Reveals Docker Hub Compromise Spanning Millions of Repositories

Malware attacks against millions of Docker Hub repositories have been underway since 2021. Assume all the content you host on a publicly accessible repository might be compromised ...

Mike Vizard | April 30, 2024 | docker, docker hub, JFrog, malware, malware campaign

Safeguarding Serverless Architectures: Understanding the Vital Role of CNAPP

In today's rapidly evolving tech landscape, understanding serverless architectures is crucial for organizations striving to leverage cloud computing efficiently ...

Anton Lucanus | April 30, 2024 | CNAPP, CSPM, cybersecurity, cyberthreats, serverless architecture

Red Hat Adds Developer Tools to Extend DevSecOps Reach

Red Hat added three new developer tools, expanding its DevSecOps portfolio for building secure cloud-native applications ...

Mike Vizard | April 18, 2024 | developer tools, DevSecOps, red hat

container security sysdig snyk container Mirantis Aqua Security GitHub

Sysdig Allies With Snyk to Improve Container Security

Sysdig and Snyk are integrating their respective security technologies to enable organizations to better secure the entire container life cycle. Eric Carter, director of product marketing for Sysdig, says the integration of ...

Mike Vizard | February 16, 2022 | container security, microservices architecture, Snyk, Sysdig

Tigera Adds Scanning Engine to CNAPP for Kubernetes

Tigera today announced the addition of a scanning engine to its Calico Cloud service that will continuously assess images for vulnerabilities and misconfigurations in addition to managing interactions among microservices running on ...

Mike Vizard | February 10, 2022 | Calico Cloud, cloud native security, CNAPP, Tigera

Open Policy Agent 101: A Beginner’s Guide

More than 90% of applications will be cloud-native by 2023. As organizations transition from monolithic, on-premises environments to dynamic cloud-based ones, ensuring access control becomes more critical—and complex. That’s why I co-created ...

Tim Hinrichs | February 8, 2022 | cncf, kubernetes, OPA, open policy agent, policy management

cloud-native software policy Styra Shifts Kubernetes Policy Management Left

The State of Policy Management In Kubernetes

Kubernetes is enabling powerful container orchestration capabilities for many organizations. But with this power comes great responsibility. Securing Kubernetes access is crucial to meet compliance requirements and avoid data leaks. And a ...

Bill Doerrfeld | January 31, 2022 | cloud-native apps, container security, kubernetes, policy management

phishing OWASP Kubernetes security Veracode key management container security CNCF security secure Kubernetes

Best of 2021 – 7 Principles of DevSecOps With Kubernetes

As we close out 2021, we at Container Journal wanted to highlight the most popular articles of the year. Following is the eighteenth in our series of the Best of 2021. In ...

Marc Hornbeek | December 28, 2021 | DevSecOps, devsecops principles, kubernetes, Kubernetes security

DevSecOps Essentials for Containers

DevSecOps has emerged as the preferred and necessary approach to secure modern applications by ensuring security practices are seamlessly integrated into the software development and delivery process in an automated fashion. While ...

Ajay Patel | November 9, 2021 | container security, container security best practices, containers, DevSecOps, Docker containers, kubernetes