NeuVector Integrates with Sonatype Nexus Lifecycle to Secure Containers Across the SDLC

Glen Kosaka Container Security

As DevOps teams continue to ‘shift security left’ and build container security into the pipeline, integrated toolchains for managing security risk early in the software development lifecycle (SDLC) are becoming critical. The Sonatype Nexus Lifecycle integration with NeuVector enables developers and DevOps teams to manage software vulnerabilities throughout the entire SDLC and even into the production environment. The security risks …

How to Enforce Egress Container Security Policies in Kubernetes, OpenShift, and Istio

Gary Duan Container Security Leave a Comment

Prevent Data Breaches and Unauthorized External Connections from Container Clusters with Egress Control By Gary Duan While more and more applications are moving to a microservices and container-based architecture, there are legacy applications that cannot be containerized. External egress from a container cluster to these applications needs to be secured with egress container security policies when containers are deployed with …

NeuVector First to Demonstrate Red Hat OpenShift ‘CIS Inspired’ Security Benchmarks

Glen Kosaka Container Security

Today NeuVector demonstrated its ‘tech-preview’ implementation of important draft security benchmarks for the Red Hat OpenShift Platform. These benchmarks, drafted by the Red Hat OpenShift team and inspired by the CIS Benchmarks for Kubernetes, provide an important and much needed set of security auditing checks for the deployment of OpenShift. The benchmarks, similar to the ones for Kubernetes, evaluate the …

docker container firewall

How to Protect Web Applications in Containers Using DPI and DLP

Glen Kosaka Container Security

Protect Kubernetes Applications with Your Existing Threat Rules By Fei Huang The software security industry has grown very quickly in the past decades, and companies large and small are all using some type of network and endpoint security solution. These include solutions for anti-virus, anti-malware, web application firewall (WAF), layer 7 next generation firewall, penetration testing, threat intelligence, SIEM alerting …

10 Steps to Automate Container Security Into the CI/CD Pipeline

Glen Kosaka Container Security

How to Implement Container Security Automation Into the Kubernetes Pipeline Enforcing security and compliance requirements in modern cloud-native pipelines can be a challenge without at least some level of container security automation. The increased attack surface of container infrastructures makes security even more important, but security and DevOps teams can’t afford to slow the pipeline with manual processes. The CI/CD …