NeuVector in the News / NeuVector Press Releases

Image

Why DevOps Teams Need to Take Container Security Seriously

Earlier this year hackers were able to exploit container platform Kubernetes to install cryptomining software in Microsoft Azure. Fei Huang, chief strategy officer at container security platform NeuVector believes that this should be a wake up call to get the attention of enterprise DevOps and DevSecOps teams. We spoke to him to find out more about the risks and how they can be addressed.

Read article
Image

6 Kubernetes workflows and processes you can automate

Once upon a time, the concept of “workflow” in Kubernetes might have seemed a bit antithetical. Consider this older definition from the business process management world, via Wikipedia: “A workflow consists of an orchestrated and repeatable pattern of activity, enabled by the systematic organization of resources into processes that transform materials, provide services, or process information.”

Read article
Image

How To Match Kubernetes Security To HIPAA Compliance

Healthcare organizations under the purview of HIPAA regulations know full well how critical demonstrable security is to avoiding regulatory action, steep fines, and reputational harm. But many businesses now taking advantage of Kubernetes and containerized environments have even more questions than usual when it comes to implementing compliance-achieving security processes.

Read article
Image

10 steps to automating security in Kubernetes pipelines

Kubernetes pipelines face an ever-increasing range of threats that demand more integrated and automated security across the application lifecycle. Making things more complex, critical vulnerabilities can make their way into any stage of the pipeline: from build to registry to test-and-staging to (especially damaging) production environments.

Read article
Image

Kubernetes deployments: 6 security best practices

If you’re moving to containers and Kubernetes from a more monolithic approach to software development and infrastructure, it’s probably not because you want your teams to move slower. You’re likely trying to deploy faster and more frequently than ever.

Read article
Image

Guide to Automating Container Security Scans in the CI/CD Pipeline for DevOps Teams

As threat vectors and micro-perimeters expand with the popularity of container deployments, an automated approach can help DevSecOps teams keep workflows secure. Container security, including vulnerability management, has long been a challenge for many DevOps teams. The challenge is that, while modern cloud-native tools have enabled automation across CI/CD pipelines, automating the vulnerability management process has lagged behind.

Read article
Image

Kubernetes security: New tech, familiar attack vectors

With Kubernetes, some old threat vectors may feel new again. Kubernetes security experts say misconfigured settings and privilege mistakes are examples that can open up risk. Mind these six items

Read article
Image

With new vulnerability management tools, NeuVector aims to strengthens container security

NeuVector Inc. today is adding new vulnerability management and protection features to its container security platform, making it easier for DevOps and security teams to investigate, prioritize and then mitigate any potential vulnerabilities in production environments.

Read article
Image

Linux Container CPU: How to Optimize Real-Time and I/O-Intensive Environments

Ideally, highly-threaded I/O intensive Linux containers running on Kubernetes would have all the CPU time they need. But just how compatible is that goal with reality? To find the answer – and optimize Linux containers – application developers and DevOps teams must understand how Linux schedules tasks and allocates them CPU time.

Read article
Image

NeuVector Adds Container Security, Compliance Tool

NeuVector today announced it has added a Vulnerability and Compliance Explorer tool to make it easier to prioritize remediation efforts to further advance the adoption of best DevSecOps processes.

Read article
Image

10 Steps to Ensure PCI DSS-Compliant Container Deployment

Enterprises seeking to leverage containers and microservices in compliance with the Payment Card Industry Data Security Standard (PCI DSS) will find some advantageous synergies between the regulations and the technologies, as well as some aspects that require particularly careful attention. While PCI-DSS version 3.2, the industry’s latest, does not yet specifically address containerized environments, enterprises must nevertheless ensure that appropriate monitoring, security and governance is in place to achieve compliance. This is especially important, as recent reports are showing a struggle to maintain compliance.

Read article
Image

3 tips to keep Kubernetes safe at scale

Kubernetes containers are now highly prevalent in multi-cloud environments and are being deployed widely across a variety of industries. In a survey last year, vice president of product marketing for Sumo Logic Kalyan Ramanathan wrote that the open-source container operating system was "dramatically reshaping the future of the modern application stack."

Read article
Image

DevSecOps Panel – Best DevOps Security Practices & Best Tools

Since DevSecOps is such a prominent topic as we move into 2020 that we decided to ask five experts their opinions on the subject of security roles being integrated into DevOps. In this second part of our panel series we ask three questions: Where are applications most vulnerable? What are the best security practices? What tools do they recommend? Here’s what they had to say.

Read article
Image

DevSecOps Panel – What Is DevSecOps & DevOps Security Challenges

Since DevSecOps is such a prominent topic as we move into 2020 that we decided to ask five experts their opinions on the subject of security roles being integrated into DevOps. In this first part of our panel series we ask two questions: What is DevSecOps? Where is it easy and where is it difficult to keep an eye on security? Here’s what our experts had to say.

Read article
Image

2020 DevSecOps Predictions - DevOps Digest

As part of DEVOPSdigest's 2020 predictions, industry experts offer predictions on how DevSecOps and related technologies will evolve and impact the business in 2020. Part 2 offers predictions about shifting left, automation and more.

Read article
Image

6 Forecasts as Container Threats Proliferate

Expect a busy year for enterprise DevOps and DevSecOps teams, as they strive to stay ahead of growing security threats to containerized and serverless environments. Here are six trends to pay particular attention to in 2020:

Read article
Image

6 Security Team Goals for DevSecOps in 2020

In the DevOps world, the biggest gains have been achieved through an "everything-as-code" approach that has made it so much easier to spin up and down reliable, repeatable infrastructure components. In the future this could be a huge boon for security and compliance purposes, but right now there's a big gap between DevOps and security teams, says Tim Hinrichs, CTO and co-founder of Styra.

Read article
Image

The Year Ahead for Kubernetes and Container Security - Security Boulevard

A new study out conducted among the DevSecOps community shows that Kubernetes use is rapidly growing within the enterprise, and not just within test or development environments. As organizations try to catch their breath with the rapid adoption rate, the security community is scrambling to adapt to containers and cloud native architectures as the new normal.

Read article
Image

How to Automate Container Security by Using CRDs to Get Security Policy as Code

Security has long been a sticking point for many DevOps teams (including my own, at a Canadian insurance and financial services co-operative). While available tools have enabled automation across plenty of other parts of our CI/CD pipeline — and made automated deployment of our container-based applications the norm — security automation has largely lagged behind.

Read article