Is Your Kubernetes Network Security Strategy Solid?
The aftermath of a security incident is the worst time to realize that your Kubernetes protections weren’t good enough. When thorough Kubernetes security measures are in place, potential threats are detected and remediated before they can do harm, explained by NeuVector Co-Founder and CTO Gary Duan.
NeuVector Provides Simplified Container Security and Data Protection to Security, DevOps, and Infrastructure Teams
NeuVector provides a complete platform for achieving Kubernetes-native container security. Importantly, our customers use our platform to protect their container infrastructure without slowing down application development, explained by NeuVector Chief Strategy Officer Fei Huang.
Container security and compliance remains a challenge as deployment speeds ahead
The study, from container security specialist NeuVector, polled over 1,200 DevOps professionals attending KubeCon EU 2021 and shows over 89 percent have container deployments active, and 88 percent are planning additional deployments in the next six to 12 months.
How do I select a container security solution for my business?
The adoption of container architectures is growing steadily, but security and compliance remain top concerns for enterprises, a recent survey revealed.
To select a suitable container security solution for your business, you need to think about a variety of factors. We’ve talked to several industry professionals to get their insight on the topic.
DevRel for Beginners: What to Know and How to Get Started
Jorn Knuttila, solution architect and DevRel advocate at NeuVector, a container security company, also worked in a variety of IT roles in his 30-year career and said they’ve all contributed in some way to his current work. But like Lachhman, he credited his successful shift into DevRel to an earlier pivot he made to solutions and sales engineer jobs.
Security and Compliance Still a Challenge for Container Architectures
While adoption of container architectures and microservices continues at an impressive pace, maintaining automated and proactive security and compliance is a particularly acute challenge for respondents, a NeuVector survey of more than 1,200 enterprise DevOps professionals reveals.
NeuVector Releases New Report on the Current State of Container Security
NeuVector announced the findings of its 2021 EU Container Security Survey. The new report finds that while adoption of container architectures and microservices continues at an impressive pace, maintaining automated and proactive security and compliance is a particularly acute challenge for respondents.
Kubernetes Runtime Security is a Growing Concern
NeuVector announced the findings of its 2021 EU Container Security Survey. The new report finds that while adopting container architectures and microservices continues at an impressive pace, maintaining automated and proactive security and compliance is a particularly acute challenge for respondents.
NeuVector Releases Results of 2021 EU Container Security Survey
NeuVector, the leader in Full Lifecycle Container Security, announced the findings of its 2021 EU Container Security Survey. The new report finds that while adoption of container architectures and microservices continues at an impressive pace, maintaining automated and proactive security and compliance is a particularly acute challenge for respondents.
The AWS Shared Responsibility Model for Kubernetes
In order to achieve the defense-in-depth required to reliably protect container and Kubernetes environments, security must extend throughout the application lifecycle, from initial vulnerability and compliance scans to robust admission controls and automated security at runtime, explained by NeuVector Co-Founder and CTO Gary Duan.
NeuVector Bolsters Leadership Team with a Pair of Security Industry Hires
15 Point Kubernetes Security Checklist
Thoroughly securing containers and Kubernetes environments – especially in production where they’re most vulnerable – requires a layered security strategy with consistent vigilance across multiple fronts. Kubernetes itself has become an increasingly (and concerningly) frequent attack surface, with attackers exploiting critical vulnerabilities to interfere with or infiltrate containers at every stage of the pipeline.
Moogsoft and HCL Technologies partner, Sysdig Series F, and NeuVector expands partnership with IBM
Partnership – Container Security
NeuVector Brings Full Lifecycle Container Security Solution to the IBM Cloud Catalog; Also Announces Integration with IBM Security QRadar
NeuVector Expands Container Vulnerability Scanning to Developers
When NeuVector first launched in 2017, it focused primarily on runtime vulnerability scanning and threat detection, but over the years it has expanded its focus, shifting “left” to developers, explained NeuVector vice president of product management Glen Kosaka.
Kubernetes autoscaling, explained
NeuVector Releases Results of 2021 Container Security Survey
2021 DevSecOps Predictions - Part 2
NeuVector 2021 Predictions: Forecasting Container Security in 2021 - 6 Things to Expect
Kubernetes MiTM Vulnerability Underscores Need for Virtual Patching
How Do Serverless Functions Actually Work? Examining AWS Lambda to Understand Serverless
Female CxO Trailblazers Award
Female CxO Trailblazers Award Winners 2020 is NeuVector CEO, Stephanie Fohn. Female CxO’s within enterprise tech startups demonstrating key qualities and proven achievements: driving company innovation, proof of leadership, implementing and encouraging agile practices, promoting diversity within the company, and contribution to the wider tech community.
Why Securing Secrets in Cloud and Container Environments Is Important – and How to Do It
Key-based “secrets” are required to authorize access and communications across all cloud applications and services, including login access to containerized applications. From the AWS IAM access key, to Google API access token, Facebook access token, OAuth Client Secrets, and countless others, secrets are used to secure myriad public-facing services and internal or external REST APIs.
Deploying compliance and security automation with Kubernetes
Enterprises believe that orchestration and containerization will help with compliance and security as they make the shift to digital transformation. CIOs are opting to shift security as closer to the CI/CD pipeline or software development cycle as possible. Kubernetes and Containers need new or updated security requirements. Such solutions provoke enterprises to shift legacy security policies away from the waterfall or monolithic approach. In most of these approaches, security comes as the last priority.
Why DevOps Teams Need to Take Container Security Seriously
Earlier this year hackers were able to exploit container platform Kubernetes to install cryptomining software in Microsoft Azure. Fei Huang, chief strategy officer at container security platform NeuVector believes that this should be a wake up call to get the attention of enterprise DevOps and DevSecOps teams. We spoke to him to find out more about the risks and how they can be addressed.
6 Kubernetes workflows and processes you can automate
Once upon a time, the concept of “workflow” in Kubernetes might have seemed a bit antithetical. Consider this older definition from the business process management world, via Wikipedia: “A workflow consists of an orchestrated and repeatable pattern of activity, enabled by the systematic organization of resources into processes that transform materials, provide services, or process information.”
How To Match Kubernetes Security To HIPAA Compliance
Healthcare organizations under the purview of HIPAA regulations know full well how critical demonstrable security is to avoiding regulatory action, steep fines, and reputational harm. But many businesses now taking advantage of Kubernetes and containerized environments have even more questions than usual when it comes to implementing compliance-achieving security processes.
10 steps to automating security in Kubernetes pipelines
Kubernetes pipelines face an ever-increasing range of threats that demand more integrated and automated security across the application lifecycle. Making things more complex, critical vulnerabilities can make their way into any stage of the pipeline: from build to registry to test-and-staging to (especially damaging) production environments.
Kubernetes deployments: 6 security best practices
If you’re moving to containers and Kubernetes from a more monolithic approach to software development and infrastructure, it’s probably not because you want your teams to move slower. You’re likely trying to deploy faster and more frequently than ever.
Guide to Automating Container Security Scans in the CI/CD Pipeline for DevOps Teams
As threat vectors and micro-perimeters expand with the popularity of container deployments, an automated approach can help DevSecOps teams keep workflows secure. Container security, including vulnerability management, has long been a challenge for many DevOps teams. The challenge is that, while modern cloud-native tools have enabled automation across CI/CD pipelines, automating the vulnerability management process has lagged behind.
Kubernetes security: New tech, familiar attack vectors
With Kubernetes, some old threat vectors may feel new again. Kubernetes security experts say misconfigured settings and privilege mistakes are examples that can open up risk. Mind these six items
With new vulnerability management tools, NeuVector aims to strengthens container security
NeuVector Inc. today is adding new vulnerability management and protection features to its container security platform, making it easier for DevOps and security teams to investigate, prioritize and then mitigate any potential vulnerabilities in production environments.
Linux Container CPU: How to Optimize Real-Time and I/O-Intensive Environments
Ideally, highly-threaded I/O intensive Linux containers running on Kubernetes would have all the CPU time they need. But just how compatible is that goal with reality? To find the answer – and optimize Linux containers – application developers and DevOps teams must understand how Linux schedules tasks and allocates them CPU time.
NeuVector Adds Container Security, Compliance Tool
NeuVector today announced it has added a Vulnerability and Compliance Explorer tool to make it easier to prioritize remediation efforts to further advance the adoption of best DevSecOps processes.
10 Steps to Ensure PCI DSS-Compliant Container Deployment
Enterprises seeking to leverage containers and microservices in compliance with the Payment Card Industry Data Security Standard (PCI DSS) will find some advantageous synergies between the regulations and the technologies, as well as some aspects that require particularly careful attention. While PCI-DSS version 3.2, the industry’s latest, does not yet specifically address containerized environments, enterprises must nevertheless ensure that appropriate monitoring, security and governance is in place to achieve compliance. This is especially important, as recent reports are showing a struggle to maintain compliance.
3 tips to keep Kubernetes safe at scale
Kubernetes containers are now highly prevalent in multi-cloud environments and are being deployed widely across a variety of industries. In a survey last year, vice president of product marketing for Sumo Logic Kalyan Ramanathan wrote that the open-source container operating system was "dramatically reshaping the future of the modern application stack."
DevSecOps Panel – Best DevOps Security Practices & Best Tools
Since DevSecOps is such a prominent topic as we move into 2020 that we decided to ask five experts their opinions on the subject of security roles being integrated into DevOps. In this second part of our panel series we ask three questions: Where are applications most vulnerable? What are the best security practices? What tools do they recommend? Here’s what they had to say.
DevSecOps Panel – What Is DevSecOps & DevOps Security Challenges
Since DevSecOps is such a prominent topic as we move into 2020 that we decided to ask five experts their opinions on the subject of security roles being integrated into DevOps. In this first part of our panel series we ask two questions: What is DevSecOps? Where is it easy and where is it difficult to keep an eye on security? Here’s what our experts had to say.
2020 DevSecOps Predictions - DevOps Digest
As part of DEVOPSdigest's 2020 predictions, industry experts offer predictions on how DevSecOps and related technologies will evolve and impact the business in 2020. Part 2 offers predictions about shifting left, automation and more.
6 Forecasts as Container Threats Proliferate
Expect a busy year for enterprise DevOps and DevSecOps teams, as they strive to stay ahead of growing security threats to containerized and serverless environments. Here are six trends to pay particular attention to in 2020:
6 Security Team Goals for DevSecOps in 2020
In the DevOps world, the biggest gains have been achieved through an "everything-as-code" approach that has made it so much easier to spin up and down reliable, repeatable infrastructure components. In the future this could be a huge boon for security and compliance purposes, but right now there's a big gap between DevOps and security teams, says Tim Hinrichs, CTO and co-founder of Styra.
The Year Ahead for Kubernetes and Container Security - Security Boulevard
A new study out conducted among the DevSecOps community shows that Kubernetes use is rapidly growing within the enterprise, and not just within test or development environments. As organizations try to catch their breath with the rapid adoption rate, the security community is scrambling to adapt to containers and cloud native architectures as the new normal.
How to Automate Container Security by Using CRDs to Get Security Policy as Code
Security has long been a sticking point for many DevOps teams (including my own, at a Canadian insurance and financial services co-operative). While available tools have enabled automation across plenty of other parts of our CI/CD pipeline — and made automated deployment of our container-based applications the norm — security automation has largely lagged behind.