Cloud-Native Security Archives

Bad Actors Exploiting Docker Remote API Servers in Attacks

Researchers from cybersecurity vendor Trend Micro are urging developers to secure and monitor their Docker remote API servers after attacks by threat actors targeting the systems to install a Linux malware and ...

Jeff Burt | November 4, 2024 | cryptomining, Docker attack, malware campaign, remote API, Trend Micro

runtime, visibility, Chainguard, threat, cloud-native security, Venafi, security, sigstore, KubeCon, cloud-native, security, secure, Rubrik, Kubernetes, Cloud-Native Security Best Practices

How to Secure Cloud-Native Architectures Without Sacrificing Agility

The real question isn’t just about what risks you are missing, but how to secure your infrastructure without losing the agility offered by cloud-native architectures. ...

Akhil Mittal | October 2, 2024 | chaos engineering, cloud native security, cloud-native architectures, Resilience in cloud-native

devsecops, supply chain, Kubernetes, practices, DevSecOps, JFrog, DevSecOps, Snyk Cerbos DevSecOps authorization incident Deepfence misconfigured Kubernetes security

JFrog Adds Runtime Platform to Secure Cloud-Native Apps Running on Kubernetes

JFrog today at its swampUP 2024 conference revealed it has added an ability to automate real-time DevSecOps workflows spanning source code to binaries deployed in Kubernetes environments ...

Mike Vizard | September 10, 2024 | DevSecOps, kubernetes, workflows

metrics, agents, ai, cloud-native, cloud native, project, istio, ambient, architecture, modules, cloud native, CCoE Kubernetes Virtana CrowdStrike cloud native

Azure Flaw Highlights Need to Secure Kubernetes Cloud Clusters

A security flaw found by Mandiant in Microsoft's AKS service would have let attackers escalate privileges and steal data ...

Jeff Burt | August 22, 2024 | cybersecurity, Google Mandiant, kubernetes, Microsoft Azure Cloud

AI, containers, kuberneted, databases DH2i Postgres data Red Hat storage IBM Yugabyte Database

How Kubernetes and Containers Will Protect — and be Protected by — AI

As companies expand their use of predictive and generative AI in building new applications and services, the security of the underlying data becomes increasingly important — and challenging. Container-focused technologies — including ...

Kirsten Newcomer | July 30, 2024 | application development, cloud-native applications, containers, kubernetes, open source, red hat

Machines and Workloads Need Identities Too — Not Just Humans

If machine and workload identities are not being managed consistently across environments, they can pose an increased risk of compromise to your organization. ...

Matt Barker | July 16, 2024 | cloud native, machine identity, SPIFFE, workload identity, zero-trust

Calico Cluster Mesh Simplifies Microservices Integration

Calico Cluster Mesh delivers the benefits of a service mesh without the added complexity and latency of a traditional service mesh solution ...

Adrian Bridgwater | June 27, 2024 | Calico, project calico, service mesh

Isovalent Strengthens Cloud Native Security via Tetragon Enterprise Update

The goal is to provide an important cybersecurity piece to the cloud-native computing puzzle ...

Mike Vizard | May 3, 2024 | cncf, Isovalent, linux, open source, Tetragon

Docker Hub, container images, Ensuring Container Security

JFrog Reveals Docker Hub Compromise Spanning Millions of Repositories

Malware attacks against millions of Docker Hub repositories have been underway since 2021. Assume all the content you host on a publicly accessible repository might be compromised ...

Mike Vizard | April 30, 2024 | docker, docker hub, JFrog, malware, malware campaign