DevSecOps Archives

CleanStart Takes Aim at BusyBox to Harden Container Security

Container security faces a significant "inheritance risk" through BusyBox, a legacy utility package embedded in popular base images. CleanStart addresses this with a new BusyBox-free container architecture, replacing inherited userspace utilities with ...

Tom Smith | April 8, 2026 | Alpine Linux Alternative, Build-time Validation, BusyBox-free, CleanStart, container security, Deterministic Runtime, DevSecOps, minimal container images, SBOM, software supply chain

Slim.AI Docker OpsRamp Extends AIOps Reach to Kubernetes

The New Multi-Tenant Challenge: Securing AI Agents in Cloud-Native Infrastructure

AI agents run untrusted code. Here’s how to secure them using isolation, least privilege and proven cloud-native patterns ...

Ben Wheatley | March 20, 2026 | AI agents, cloud native security, container security, DevSecOps, least privilege, Multi-tenancy

Survey Surfaces Raft of Container Security Challenges

A BellSoft survey reveals gaps in container security practices, showing that human error, limited vulnerability scanning, and infrequent patching continue to expose cloud-native environments to risk ...

Mike Vizard | January 29, 2026 | BellSoft survey, cloud native security, container patching, container security, DevSecOps, image signing, Kubernetes security, SBOM, software supply chain security, vulnerability scanning

devsecops, supply chain, Kubernetes, practices, DevSecOps, JFrog, DevSecOps, Snyk Cerbos DevSecOps authorization incident Deepfence misconfigured Kubernetes security

Best of 2025: DevSecOps for Kubernetes: 15 Best Practices for 2025

In today’s environment, it is becoming harder to build secure applications. Applications are becoming increasingly complex, relying on more and more dependencies and components provided by vendors than ever before. These components ...

Carey Bishop | December 30, 2025 | best practices, DevSecOps, kubernetes

TLS, certificates, Docker, vulnerabilities, supply chain, KubeCon, SigStore, Kubernetes TrapX container security

Docker, Inc. Adds More Than a Thousand Free Hardened Container Images

Docker is releasing more than 1,000 hardened container images under an open source license, aiming to cut vulnerabilities and strengthen software supply chains ...

Mike Vizard | December 17, 2025 | Alpine containers, cloud native security, container security, CVE management, Debian containers, DevSecOps, Docker AI Assistant, Docker hardened images, docker hub, hardened container images, open source containers, SBOM, SLSA provenance, software supply chain security

5 Reasons Cloud-Native Companies Should Start Adopting Quantum-Safe Security Today

Quantum computing threatens today’s encryption. Learn why cloud-native organizations must adopt quantum-safe security to stay compliant and resilient ...

metrics, agents, ai, cloud-native, cloud native, project, istio, ambient, architecture, modules, cloud native, CCoE Kubernetes Virtana CrowdStrike cloud native

The Future of Cloud-Native DevOps, DataOps, FinOps and Beyond

Explore how cloud-native DevOps, DataOps, and FinOps are shaping the future of scalable, automated, and intelligent cloud application development ...

How Distroless Containers Defend Against npm Malware Attacks

The npm breach shows why distroless containers matter. Learn how minimal, continuously rebuilt images strengthen cloud-native supply-chain security ...

SRE, autoscaling, Tailscale, Kubernetes, argo cd, Kubernetes v1.33, AI, Nelm, Kubernetes, architecture, , architecture, Rackspace, GPUs, Kubernetes, Solo.io Kubernetes cloud foundry keptn cloud-native automation

Why Traditional Kubernetes Security Falls Short for AI Workloads

AI workloads on Kubernetes bring new security risks. Learn five principles—zero trust, observability, and policy-as-code—to protect distributed AI pipelines ...

runtime, visibility, Chainguard, threat, cloud-native security, Venafi, security, sigstore, KubeCon, cloud-native, security, secure, Rubrik, Kubernetes, Cloud-Native Security Best Practices

Runtime Visibility & AI-powered Security in Cloud-Native Environments

Kubernetes and cloud-native platforms have transformed software delivery — but also redefined the attack surface. As threats shift to runtime, visibility and real-time response have become the new security frontline. AI-driven anomaly ...