End-to-End Vulnerability Management for Images, Containers and Kubernetes

Glen Kosaka Cloud Security

NeuVector 3.2 Release Adds a Vulnerability & Compliance ‘Explorer,’ High Performance Scanner, and Host Process Protection   The ‘Shift-Left’ movement to build security into the CI/CD pipeline continues to grow. Vulnerability management is a critical component of this, and organizations must ‘Shift-Left, then Shift-Right‘ in order to fully protect critical assets and sensitive data throughout the entire container lifecycle. NeuVector …

How to Optimize I/O Intensive Containers on Kubernetes

Glen Kosaka Container Security

Understanding the Real-time Characteristics of Linux Containers By Jay Huang Highly threaded, I/O intensive Linux containers running on Kubernetes should be able to use the full extent of their CPU requests. But is this really possible? Understanding how the Linux operating system schedules tasks and allocates CPU time to tasks can help application developers optimize containers which are highly threaded …

Serverless 101: When It Makes Sense and When It Doesn’t

Glen Kosaka Cloud Security

By Xiao Sun [This post is Part One of a three part series. Part Two will cover How to Develop Serverless Functions, and Part Three will cover Serverless Security.]   The use of serverless cloud services for enterprise applications continues to increase as new applications are developed that can leverage these new computing platforms. The benefits of serverless include on-demand …

NeuVector First to Bring “Security Policy as Code” to Kubernetes Workloads

Glen Kosaka Articles

DevOps and DevSecOps teams can now more quickly deliver secure cloud-native apps by using Kubernetes Custom Resource Definitions (CRDs) to define, manage, and automate application security policies throughout the CI/CD pipeline San Diego, at KubeCon – November 18, 2019 – NeuVector, the leader in Full Lifecycle Container Security, today announced the immediate availability of the industry’s first “Security Policy as Code” …