Cloud-Native Security
Kubernetes Security in Your CI/CD Pipeline
Kubernetes security involves implementing security measures and tools and adopting best practices for protecting Kubernetes workloads. Kubernetes is an open source container management platform across public, private and hybrid clouds. Organizations employ ...
CrowdStrike Details Sophisticated Container Cryptojacking Campaign
At the KubeCon + CloudNativeCon North America conference today, CrowdStrike revealed details of a complex cryptojacking campaign targeting vulnerable Docker and Kubernetes infrastructure. The campaign employs a combination of an obscure domain ...
5 Laws of Cloud-Native Authorization
In a microservices world, each service needs to verify that a subject (user or machine) has permission to perform an operation on a resource that the service manages. But in an agile ...
Vulnerability Management: Context From Code to Cloud
Almost all modern cloud-native applications are developed using open source components. And yet, security is not always the top priority for open source developers. While many vulnerabilities can be accidental (e.g., coding ...
Understanding Role-Based Access Control in Kubernetes
“I’m sorry Dave, I’m afraid I can’t do that.” – HAL 9000, 2001: A Space Odyssey This iconic quote from 2001: A Space Odyssey is a great place to start if you ...
Spectro Cloud Strengthens Kubernetes Security at the Network Edge
Spectro Cloud has updated its Palette Edge platform with the option to include a distribution of Kubernetes optimized for the network edge. The latest version also adds tamperproof security capabilities for immutable ...
Container Images: The Next Software Supply Chain Concern?
Containers not only provide a mechanism for packaging code in deployable and manageable units, but containers are also a downloadable resource that can speed up infrastructure and app configurations, rapidly creating development ...
Veracode Adds Container Support to Security Tool for Developers
Veracode is launching an early access program through which it is adding support for containers to its Continuous Software Security Platform. Brian Roche, chief product officer for Veracode, says this offering will ...
Sysdig Report Reveals True Cost of Container Security Breaches
A Sysdig report published today finds that for every dollar cybercriminals generate through a cryptomining attack against a cloud container environment, victims end up paying a $53 bill. As a result, an ...
Docker, Inc. to Integrate Free SBOM Generation Tool
Docker, Inc. plans to embed the ability to dynamically generate a software bill of materials (SBOM) using the Docker Build command that developers use to build Docker images from a Dockerfile. Company ...
