Protect Kubernetes Containers on AWS Using the Shared Responsibility Model

Glen Kosaka Cloud Security Leave a Comment

Deploying an AWS container security solution is a critical requirement to protect your data and assets running on AWS, including EC2, EKS, ECS, Kubernetes, or RedHat OpenShift. In its ‘Shared Responsibility Model,’ AWS states that the security responsibility is shared between AWS and the customer, you. ‘Security of the cloud’ is the responsibility of AWS, while ‘Security in the cloud’ is …

Use Cloud-Native Tools OPA and CRD to Protect Applications from Pipeline to Production

Gary Duan Cloud Security

By Gary Duan Application owners and IT administrators have been looking for tools that can help them secure their application pipeline, from the development stage to deployment and production. How to do this reliably and efficiently without slowing down development processes remains a big challenge. This is where Open Policy Agent (OPA) and Kubernetes Custom Resource Definitions (CRD) can help. …

O’Reilly Survey shows cloud adoption is on the rise and cloud security is top of mind. What’s your plan?

Fei Huang Cloud Security

By Fei Huang, Chief Strategy Officer and co-founder, NeuVector We made it! We’re halfway through 2020 and we’ve all adjusted to a new way of working. In the technology world, based on what we see, the migration to Cloud Computing isn’t slowing down. In fact, some verticals are accelerating cloud adoption. A cloud infrastructure is the solution of choice to …

Achieve and Enforce GDPR Compliance for Containers & Kubernetes

Glen Kosaka Cloud Security

The GDPR (General Data Protection Regulation) for the protection of privacy provides both specific and vague requirements for personal data protection by enterprises. Therefore, the path to GDPR compliance is murky and ambiguous. For modern cloud-native deployments such as containers and using Kubernetes it can be even more confusing for security and compliance teams. While GDPR contains many provisions which …

How to Protect Secrets in Containers Using DPI and DLP

Fei Huang Cloud Security

By Fei Huang Every cloud application and service utilizes a key (secret) to identify and authorize communications. Secrets are also used to authorize access to containerized applications which require a login. These credentials are widely used by public facing services as well as internal and external REST API’s everywhere. Examples include the AWS IAM access key, Google API access token, …