Why Securing Secrets in Cloud and Container Environments Is Important – and How to Do It
Key-based “secrets” are required to authorize access and communications across all cloud applications and services, including login access to containerized applications. From the AWS IAM access key, to Google API access token, Facebook access token, OAuth Client Secrets, and countless others, secrets are used to secure myriad public-facing services and internal or external REST APIs.
Deploying compliance and security automation with Kubernetes
Enterprises believe that orchestration and containerization will help with compliance and security as they make the shift to digital transformation. CIOs are opting to shift security as close to the CI/CD pipeline or software development cycle as possible. Kubernetes and containers need new or updated security requirements. Such solutions prompt enterprises to shift legacy security policies away from the waterfall or monolithic approach. In most of these approaches, security comes as the last priority.
Why DevOps Teams Need to Take Container Security Seriously
Earlier this year, hackers were able to exploit container platform Kubernetes to install cryptomining software in Microsoft Azure. Fei Huang, chief strategy officer at container security platform NeuVector, believes that this should be a wake-up call to get the attention of enterprise DevOps and DevSecOps teams. We spoke to him to find out more about the risks and how they can be addressed.
6 Kubernetes workflows and processes you can automate
Once upon a time, the concept of “workflow” in Kubernetes might have seemed a bit antithetical. Consider this older definition from the business process management world, via Wikipedia: “A workflow consists of an orchestrated and repeatable pattern of activity, enabled by the systematic organization of resources into processes that transform materials, provide services, or process information.”
How To Match Kubernetes Security To HIPAA Compliance
Healthcare organizations under the purview of HIPAA regulations know full well how critical demonstrable security is to avoiding regulatory action, steep fines, and reputational harm. But many businesses now taking advantage of Kubernetes and containerized environments have even more questions than usual when it comes to implementing compliance-achieving security processes.
10 steps to automating security in Kubernetes pipelines
Kubernetes pipelines face an ever-increasing range of threats that demand more integrated and automated security across the application lifecycle. Making things more complex, critical vulnerabilities can make their way into any stage of the pipeline: from build to registry to test-and-staging to (especially damaging) production environments.
Kubernetes deployments: 6 security best practices
If you’re moving to containers and Kubernetes from a more monolithic approach to software development and infrastructure, it’s probably not because you want your teams to move slower. You’re likely trying to deploy faster and more frequently than ever.
Guide to Automating Container Security Scans in the CI/CD Pipeline for DevOps Teams
As threat vectors and micro-perimeters expand with the popularity of container deployments, an automated approach can help DevSecOps teams keep workflows secure. Container security, including vulnerability management, has long been a challenge for many DevOps teams. The challenge is that, while modern cloud-native tools have enabled automation across CI/CD pipelines, automating the vulnerability management process has lagged behind.
Kubernetes security: New tech, familiar attack vectors
With Kubernetes, some old threat vectors may feel new again. Kubernetes security experts say misconfigured settings and privilege mistakes are examples that can open up risk. Mind these six items.
With new vulnerability management tools, NeuVector aims to strengthen container security
NeuVector Inc. today is adding new vulnerability management and protection features to its container security platform, making it easier for DevOps and security teams to investigate, prioritize and then mitigate any potential vulnerabilities in production environments.
Linux Container CPU: How to Optimize Real-Time and I/O-Intensive Environments
Ideally, highly-threaded I/O intensive Linux containers running on Kubernetes would have all the CPU time they need. But just how compatible is that goal with reality? To find the answer – and optimize Linux containers – application developers and DevOps teams must understand how Linux schedules tasks and allocates them CPU time.
NeuVector Adds Container Security, Compliance Tool
NeuVector today announced it has added a Vulnerability and Compliance Explorer tool to make it easier to prioritize remediation efforts to further advance the adoption of best DevSecOps processes.
10 Steps to Ensure PCI DSS-Compliant Container Deployment
Enterprises seeking to leverage containers and microservices in compliance with the Payment Card Industry Data Security Standard (PCI DSS) will find some advantageous synergies between the regulations and the technologies, as well as some aspects that require particularly careful attention. While PCI-DSS version 3.2, the industry’s latest, does not yet specifically address containerized environments, enterprises must nevertheless ensure that appropriate monitoring, security and governance are in place to achieve compliance. This is especially important, as recent reports are showing a struggle to maintain compliance.
3 tips to keep Kubernetes safe at scale
Kubernetes containers are now highly prevalent in multi-cloud environments and are being deployed widely across a variety of industries. In a survey last year, vice president of product marketing for Sumo Logic Kalyan Ramanathan wrote that the open-source container operating system was "dramatically reshaping the future of the modern application stack."
DevSecOps Panel – Best DevOps Security Practices & Best Tools
DevSecOps is such a prominent topic as we move into 2020 that we decided to ask five experts their opinions on the subject of security roles being integrated into DevOps. In this second part of our panel series we ask three questions: Where are applications most vulnerable? What are the best security practices? What tools do they recommend? Here’s what they had to say.
DevSecOps Panel – What Is DevSecOps & DevOps Security Challenges
DevSecOps is such a prominent topic as we move into 2020 that we decided to ask five experts their opinions on the subject of security roles being integrated into DevOps. In this first part of our panel series we ask two questions: What is DevSecOps? Where is it easy and where is it difficult to keep an eye on security? Here’s what our experts had to say.
2020 DevSecOps Predictions - DevOps Digest
As part of DEVOPSdigest's 2020 predictions, industry experts offer predictions on how DevSecOps and related technologies will evolve and impact the business in 2020. Part 2 offers predictions about shifting left, automation and more.
6 Forecasts as Container Threats Proliferate
Expect a busy year for enterprise DevOps and DevSecOps teams, as they strive to stay ahead of growing security threats to containerized and serverless environments. Here are six trends to pay particular attention to in 2020:
6 Security Team Goals for DevSecOps in 2020
In the DevOps world, the biggest gains have been achieved through an "everything-as-code" approach that has made it so much easier to spin up and down reliable, repeatable infrastructure components. In the future this could be a huge boon for security and compliance purposes, but right now there's a big gap between DevOps and security teams, says Tim Hinrichs, CTO and co-founder of Styra.
The Year Ahead for Kubernetes and Container Security - Security Boulevard
A new study conducted among the DevSecOps community shows that Kubernetes use is rapidly growing within the enterprise, and not just within test or development environments. As organizations try to catch their breath with the rapid adoption rate, the security community is scrambling to adapt to containers and cloud native architectures as the new normal.
How to Automate Container Security by Using CRDs to Get Security Policy as Code
Security has long been a sticking point for many DevOps teams (including my own, at a Canadian insurance and financial services co-operative). While available tools have enabled automation across plenty of other parts of our CI/CD pipeline — and made automated deployment of our container-based applications the norm — security automation has largely lagged behind.