Cloud Security

How to Create ‘Security Policy as Code’ to Automate Application Security Policies in the CI/CD Pipeline

DevOps and DevSecOps teams can now automatically deploy and update new applications securely using Kubernetes Custom Resource Definition (CRDs) As DevOps teams integrate their toolchain to enable automated deployment of container-based applications, one aspect has always slowed down a modern cloud-native pipeline: security. And while automated vulnerability scanning is now standard practice, creating the security… Read more »

Network Security

Container Segmentation Strategies and Patterns

Segmentation, Container Segmentation, and Micro-segmentation At a recent container security conference the topic of ‘container segmentation patterns’ came up, and it became clear that many security architects are wrestling with how to best segment workload communication in the dynamic environment of containers. The question was also raised “Is the DMZ dead?” The concept of network… Read more »

Container Security

NeuVector Expands Kubernetes Security Solution with Release of Containerd and CRI-O Run-Time Support

Announcements being made at KubeCon + CloudNativeCon North America 2018 Seattle, WA – December 10, 2018 – NeuVector, the leader in Container Network Security, today announced containerd and CRI-O run-time support. The Kubernetes security company is unveiling these new additions to its platform at KubeCon + CloudNativeCon North America 2018, where NeuVector is participating as… Read more »

Container Security

The Implications of Kubernetes Vulnerability CVE-2018-1002105

By Fei Huang Kubernetes critical vulnerability CVE-2018-1002105 was reported this week and the implication is a big warning to the fast-growing, massive DevOps world. The wide adoption of Kubernetes and Docker workloads is no doubt indicative of a disruptive next generation platform technology. But of course, like the dark side of the moon, every big shiny thing… Read more »

Container Security

Critical Kubernetes & OpenShift Vulnerability Exposes API Server

The First Major Vulnerability Discovered in Kubernetes, And It’s A Big One The big news today on the eve of the start of DockerCon EMEA has not been conference related announcements but rather the disclosure of a critical security hole in Kubernetes, and by inheritance, Red Hat OpenShift. This vulnerability, CVE-2018-1002105, is so critical with… Read more »