Cloud-Native Security Archives

ingress Sysdig SUSE Siloscape security-as-code Docker

Noma Security Identifies Security Flaw in Docker AI Assistant

Noma Security today revealed it has discovered a critical security flaw in the artificial intelligence (AI) assistant made available by Docker, Inc. Sasi Levi, security research lead for Noma Security, said the ...

Mike Vizard | February 3, 2026 | AI, docker, Noma Security, security

Survey Surfaces Raft of Container Security Challenges

A BellSoft survey reveals gaps in container security practices, showing that human error, limited vulnerability scanning, and infrequent patching continue to expose cloud-native environments to risk ...

Mike Vizard | January 29, 2026 | BellSoft survey, cloud native security, container patching, container security, DevSecOps, image signing, Kubernetes security, SBOM, software supply chain security, vulnerability scanning

posture, security posture management, KSPM, Kubernetes KSPM cloud-native Fugue security

Why Secure-by-Design CI/CD Matters in Cloud-Native Systems

CI/CD pipelines are a core part of modern cloud-native systems. They help teams build, test and deploy software quickly. In the past, CI/CD was mainly about automation and speed. Today, it is ...

Sai Sowjanya Koduri | January 6, 2026 | CI/CD, cloud native, Secure-by-Design, security

Docker, secrets, gitguardian Thycotic Kubernetes secrets

Flare Finds 10,000 Docker Hub Images Exposing Secrets

Researchers found thousands of Docker images exposing API keys and tokens, revealing how secrets sprawl, shadow IT, and poor hygiene fuel modern breaches ...

Jeff Burt | December 16, 2025 | API, CI/CD security, cloud computing, container images, credentials, developers and containers, docker hub, exposed secrets, Flare Systems, passwords, shadow IT

5 Reasons Cloud-Native Companies Should Start Adopting Quantum-Safe Security Today

Quantum computing threatens today’s encryption. Learn why cloud-native organizations must adopt quantum-safe security to stay compliant and resilient ...

TLS, certificates, Docker, vulnerabilities, supply chain, KubeCon, SigStore, Kubernetes TrapX container security

How Distroless Containers Defend Against npm Malware Attacks

The npm breach shows why distroless containers matter. Learn how minimal, continuously rebuilt images strengthen cloud-native supply-chain security ...

runtime, visibility, Chainguard, threat, cloud-native security, Venafi, security, sigstore, KubeCon, cloud-native, security, secure, Rubrik, Kubernetes, Cloud-Native Security Best Practices

Runtime Visibility & AI-powered Security in Cloud-Native Environments

Kubernetes and cloud-native platforms have transformed software delivery — but also redefined the attack surface. As threats shift to runtime, visibility and real-time response have become the new security frontline. AI-driven anomaly ...

The Corrupt Algorithm: Securing the AI Supply Chain with Containers

The pipelines are green. The dashboards are clear. Commits are flowing without a hitch. For most DevOps teams, that’s the definition of success: smooth builds, tested deployments, automation firing on all cylinders ...

Jaymes Davis | September 22, 2025 | AI, containers, security, supply chain

devsecops, supply chain, Kubernetes, practices, DevSecOps, JFrog, DevSecOps, Snyk Cerbos DevSecOps authorization incident Deepfence misconfigured Kubernetes security

AI Security in the Cloud-Native DevSecOps Pipeline

As AI reshapes DevSecOps, speed and efficiency collide with new, often hidden, security risks. From machine-generated code flaws to model supply chain threats, the future of cloud-native security depends on blending AI’s ...

Saqib Jan | August 13, 2025 | AI DevSecOps, AI security, cloud native security