How to Enforce Egress Container Security Policies in Kubernetes, OpenShift, and Istio

Gary Duan Container Security

Prevent Data Breaches and Unauthorized External Connections from Container Clusters with Egress Control

By Gary Duan

While more and more applications are moving to a microservices and container-based architecture, there are legacy applications that cannot be containerized. External egress from a container cluster to these applications needs to be secured with egress container security policies when containers are deployed with …

Use Cloud-Native Tools OPA and CRD to Protect Applications from Pipeline to Production

Gary Duan Cloud Security

By Gary Duan

Application owners and IT administrators have been looking for tools that can help them secure their application pipeline, from the development stage to deployment and production. How to do this reliably and efficiently without slowing down development processes remains a big challenge. This is where Open Policy Agent (OPA) and Kubernetes Custom Resource Definitions (CRD) can help. …

How to Enforce DNS-based Egress Container Security Policies in Kubernetes and OpenShift

Gary Duan Container Security

By Gary Duan

While more and more applications are moving to a microservices and container-based architecture, there are legacy applications that cannot be containerized. Access to these applications needs to be secured with egress container security policies when containers are deployed with Kubernetes or Red Hat OpenShift. These legacy applications include database servers and applications developed with .NET frameworks. The …