Segmentation, Container Segmentation, and Micro-segmentation At a recent container security conference the topic of ‘container segmentation patterns’ came up, and it became clear that many security architects are wrestling with how to best segment workload communication in the dynamic environment of containers. The question was also raised “Is the DMZ dead?” The concept of network… Read more »
Network Security
How Kubernetes Networking Works – Under the Hood
How to Understand and Set Up Kubernetes Networking, Including Multiple Networks By Tobias Gurtzick Kubernetes networking is a complex topic, if not even the most complicated topic. This post will give you insight on how kubernetes actually creates networks and also how to setup a network for a kubernetes cluster yourself. This article doesn’t… Read more »
Container Security
The Ultimate Guide to Kubernetes Security
How to Deploy Kubernetes Containers in Production, With Confidence By Fei Huang and Gary Duan Containers and tools like Kubernetes enable enterprises to automate many aspects of application deployment, providing tremendous business benefits. But these new deployments are just as vulnerable to attacks and exploits from hackers and insiders as traditional environments, making Kubernetes security… Read more »
Network Security
How Kubernetes Networking Works – The Basics
By Gary Duan Kubernetes 101 Before I get into Kubernetes networking, here are the basic concepts to know about in Kubernetes. For those not familiar with Kubernetes, these are the objects and terms used in a Kubernetes deployment. Kubernetes is a container orchestration and management tool for automating the deployment and monitoring of containers. Kubernetes… Read more »
Docker Security
DockerCon17 – My Container Security Perspective
By Gary Duan, CTO, NeuVector Last week was my first time going to the DockerCon conference, which I’ve heard is now attracting a more serious enterprise deployment audience. It was an exciting experience hearing about several major announcements and participating in interesting sessions. NeuVector was a sponsor and had a booth at the conference. It… Read more »
Recent Posts
Container Security Monitoring with Prometheus and Grafana
NeuVector Announces New Run-time Container Security Capabilities for AWS Cloud with Integrations for AWS EKS, AWS ECS and AWS App Mesh
How to Mitigate the SACK Panic DDoS Attack
figo Converts to Container Infrastructure for Speed, Efficiency and Scalability
Alpine Linux Docker Image Vulnerability CVE-2019-5021