DevSecOps Archives

ingress Sysdig SUSE Siloscape security-as-code Docker

Best of 2023: Three Newly-Discovered Kubernetes Ingress Vulnerabilities Create Security Challenge

Three vulnerabilities were disclosed that impact ingress controllers based on open source Nginx software embedded within Kubernetes clusters ...

Mike Vizard | December 27, 2023 | cloud native security, controllers, DevSecOps, ingress, KSOC, kubernetes, NGINX, vulnerabilities

kpack, buildpacks, CI/CD, Codefresh, Komodor, AI, clusters, kubernetes, generative AI Kubernetes Argo container security continuous SQL Server Windocks Tekton Kubeflow Red Hat CI/CD

Applying Generative AI Within Cloud-Native Workflows

There are many interesting ways generative AI can be applied to accelerate cloud-native development and collaboration. Here are just a few ...

Bill Doerrfeld | November 28, 2023 | app dev, cloud native application development, generative AI, kubernetes, microservices

Docker Rookout Brings Debugging Tools to Kubernetes

5 Surprising Uses for Docker Debug

Beyond troubleshooting, the Debug command can help improve the performance and resource utilization of Docker containers ...

Gilad David Mayaan | November 27, 2023 | cloud native application development, debugging, docker, security

Kubernetes, practices, DevSecOps, JFrog, DevSecOps, Snyk Cerbos DevSecOps authorization incident Deepfence misconfigured Kubernetes security

Cerbos Managed Authorization Service Leverages Wasm

Cerbos announced today that its Cerbos Hub managed service based on open source authorization software is now available in beta ...

Mike Vizard | November 6, 2023 | authorization, Cerbos, Cerbos Hub, KubeCon, Wasm, WebAssembly

CloudBees Brings Modern DevSecOps Platform to Amazon EKS

CloudBees' recently unveiled DevSecOps platform is now generally available on the Amazon Elastic Kubernetes Service (Amazon EKS) ...

Mike Vizard | November 2, 2023 | Amazon EKS, cloudbees, DevSecOps, kubernetes, managed Kubernetes

zero-trust services cloud-native permissions CNCF SOA vs. Microservices Monitoring

How Cloud-Native Zero-Trust Could Up its Game With Permissions

The cloud-native world could learn a thing or two from the simplicity of mobile application permissions ...

Ori Shoshan | October 16, 2023 | cloud-native applications, mobile applications, permissions, security, zero-trust

Sweet Security Unfurls Cloud-Native Runtime Protection Platform

Sweet Security today launched a Cloud Runtime Security Suite platform for securing cloud-native application runtimes ...

Mike Vizard | August 9, 2023 | cloud native security, Kubernetes clusters, software supply chain, Sweet Security

Automating Security in Containers With DevSecOps

Containers have become incredibly popular in software development. They make it easy for organizations to quickly build, deploy and manage scalable and efficient applications. However, as more and more organizations adopt container ...

Nahla Davies | June 8, 2023 | application development, container, container security, DevSecOps, SDLC

Octopus deploy Red Hat containers Kyndryl Node.js Open Policy Agent OPA cloud-native

Red Hat Adds Interconnect and Cybersecurity Services for Kubernetes

Red Hat today added a Red Hat Service Interconnect to its portfolio that is based on an open source Skupper.io project that enables Layer 7 networking between application components running on different ...

Mike Vizard | May 23, 2023 | application development, cloud native security, red hat, Service Interconnect, Skupper

KSOC Publishes SBOM Specification for Kubernetes

Kubernetes Security Operations Center (KSOC) this week published a Kubernetes Bill of Materials (KBOM) specification that promises to make it simpler to discover vulnerabilities. KBOM, available via an open source command line ...

Mike Vizard | May 12, 2023 | KBOM, KSOC, kubernetes, Kubernetes security, SBOM, software bill of materials