Cloud-Native Security Archives

Docker, secrets, gitguardian Thycotic Kubernetes secrets

Flare Finds 10,000 Docker Hub Images Exposing Secrets

Researchers found thousands of Docker images exposing API keys and tokens, revealing how secrets sprawl, shadow IT, and poor hygiene fuel modern breaches ...

Jeff Burt | December 16, 2025 | API, CI/CD security, cloud computing, container images, credentials, developers and containers, docker hub, exposed secrets, Flare Systems, passwords, shadow IT

5 Reasons Cloud-Native Companies Should Start Adopting Quantum-Safe Security Today

Quantum computing threatens today’s encryption. Learn why cloud-native organizations must adopt quantum-safe security to stay compliant and resilient ...

TLS, certificates, Docker, vulnerabilities, supply chain, KubeCon, SigStore, Kubernetes TrapX container security

How Distroless Containers Defend Against npm Malware Attacks

The npm breach shows why distroless containers matter. Learn how minimal, continuously rebuilt images strengthen cloud-native supply-chain security ...

runtime, visibility, Chainguard, threat, cloud-native security, Venafi, security, sigstore, KubeCon, cloud-native, security, secure, Rubrik, Kubernetes, Cloud-Native Security Best Practices

Runtime Visibility & AI-powered Security in Cloud-Native Environments

Kubernetes and cloud-native platforms have transformed software delivery — but also redefined the attack surface. As threats shift to runtime, visibility and real-time response have become the new security frontline. AI-driven anomaly ...

The Corrupt Algorithm: Securing the AI Supply Chain with Containers

The pipelines are green. The dashboards are clear. Commits are flowing without a hitch. For most DevOps teams, that’s the definition of success: smooth builds, tested deployments, automation firing on all cylinders ...

Jaymes Davis | September 22, 2025 | AI, containers, security, supply chain

devsecops, supply chain, Kubernetes, practices, DevSecOps, JFrog, DevSecOps, Snyk Cerbos DevSecOps authorization incident Deepfence misconfigured Kubernetes security

AI Security in the Cloud-Native DevSecOps Pipeline

As AI reshapes DevSecOps, speed and efficiency collide with new, often hidden, security risks. From machine-generated code flaws to model supply chain threats, the future of cloud-native security depends on blending AI’s ...

Saqib Jan | August 13, 2025 | AI DevSecOps, AI security, cloud native security

kubernetes, network, logistics, security, Traefik Tigera container security Calico Red Hat Dynatrace

Securing The Digital Supply Chain: Network Security Best Practices for Cloud-Native Logistics

As the logistics industry evolves toward fully digitized, cloud-native infrastructures, security has become an urgent and complex priority ...

Mike Marut | May 28, 2025 | Cloud-native logistics security, Digital supply chain protection, Zero trust architecture in logistics

Security in Kubernetes: Your Stack is Lying to You

The organizations that succeed will not be the ones with the most tools. They will be the ones that treat security as code, embed it into every commit and align their practices ...

Andrew Korolov | May 23, 2025 | cloud native security, kubernetes, security, tools

state, stateless, kubernetes, scanning, cloudsmith, stateless ephemeral stateful security Kubernetes unikernel Sumo Logic

Cloudsmith Updates Container Registry to Streamline DevSecOps Workflows

Cloudsmith at the Kubecon + CloudNativeCon Europe 2025 conference today added real-time vulnerability scanning along with an ability to automate the signing for container images, as they are cached using the open-source ...

Mike Vizard | April 1, 2025 | container security, containers, DevSecOps

Remote Code Execution Vulnerabilities Surface in Ingress Nginx

Tel-Aviv’s Wiz Research team says it has identified a series of unauthenticated Remote Code Execution (RCE) vulnerabilities in the Ingress Nginx Controller for Kubernetes. ...

Adrian Bridgwater | March 27, 2025 | kubernetes, vulnerabilities