Cloud-Native Security Archives

firewall, aviatrix, cloud native security, kubernetes, hardening Aqua Security

Aviatrix Adds Kubernetes Firewall to Secure Cloud-Native Platforms

Aviatrix has launched a Kubernetes firewall designed to specifically address the unique requirements of cloud-native computing environments that typically consume ten times as many IP addresses than legacy platforms ...

Mike Vizard | March 4, 2025 | cloud-native application security, firewall, kubernetes

edge, containers, containerization, containers, Edara, Buildpacks, container, dockerfiles, time, containers, security, and, Docker, DevOps, docker containers, python, add-ons, kubernetes, Chainguard Docker container Stormforge Azure containers Microsoft New Relic Java Kublr platform Containers on Azure

Solving Container Security Challenges: Vulnerabilities, Shadow Deployments and Deployment Gaps

In containerized environments security risks can exist in three areas: Vulnerabilities in software, shadow containers and deployment problems ...

Matt Middleton-Leal | March 4, 2025 | cloud native, containers, KubeCon, kubernetes, security

Wartime Footing, Horizon3.ai Lifts Dawn On NodeZero Kubernetes Pentesting

Horizon3.ai has announced the release of its NodeZero Kubernetes Pentesting product, available to all users of its NodeZero platform ...

Adrian Bridgwater | January 9, 2025 | kubernetes, pentesting

zero-trust, Tigera zero-trust GitOps DevSecOps Kubernetes

The Key to Securing Hybrid Cloud Environments is Zero-Trust

Unlike traditional models that grant implicit trust based on network location, zero-trust assumes that no entity should be trusted by default ...

Kyle Wickert | December 20, 2024 | cloud security, hybrid cloud, zero-trust

Edera’s Big Container Security Question: Am I Isolated?

Company releases ‘Am I Isolated’, an open source container security benchmark and Rust-based container runtime scanner ...

Adrian Bridgwater | November 11, 2024 | containers, kubernetes, security

TLS, certificates, Docker, vulnerabilities, supply chain, KubeCon, SigStore, Kubernetes TrapX container security

SigstoreCon Supply Chain Day 2024: Celebrating the Impact of Sigstore on Digital Signing and Supply Chain Security

As we approach SigstoreCon at KubeCon + CloudNativeCon, where experts will share their insights, let's reflect on Sigstore and its impact ...

Luke Hinds | November 4, 2024 | KubeCon

Unlocking the Full Potential of Container Vulnerability Scans

Given the complex dependencies of container images, which can rely on other container images with potential vulnerabilities, it is crucial for developers to proactively identify and address container security vulnerabilities before deployment ...

Daniel Helfand | November 4, 2024 | container security, KubeCon, vulnerabilities

Docker, Trend Micro, SIEM attack Aqua Security CyberArk pen testing Accurics

Bad Actors Exploiting Docker Remote API Servers in Attacks

Researchers from cybersecurity vendor Trend Micro are urging developers to secure and monitor their Docker remote API servers after attacks by threat actors targeting the systems to install a Linux malware and ...

Jeff Burt | November 4, 2024 | cryptomining, Docker attack, malware campaign, remote API, Trend Micro

runtime, visibility, Chainguard, threat, cloud-native security, Venafi, security, sigstore, KubeCon, cloud-native, security, secure, Rubrik, Kubernetes, Cloud-Native Security Best Practices

How to Secure Cloud-Native Architectures Without Sacrificing Agility

The real question isn’t just about what risks you are missing, but how to secure your infrastructure without losing the agility offered by cloud-native architectures. ...

Akhil Mittal | October 2, 2024 | chaos engineering, cloud native security, cloud-native architectures, Resilience in cloud-native

devsecops, supply chain, Kubernetes, practices, DevSecOps, JFrog, DevSecOps, Snyk Cerbos DevSecOps authorization incident Deepfence misconfigured Kubernetes security

JFrog Adds Runtime Platform to Secure Cloud-Native Apps Running on Kubernetes

JFrog today at its swampUP 2024 conference revealed it has added an ability to automate real-time DevSecOps workflows spanning source code to binaries deployed in Kubernetes environments ...

Mike Vizard | September 10, 2024 | DevSecOps, kubernetes, workflows