Tenable

MARCH 19, 2024

Tenable Cloud Security simplifies Kubernetes security by providing any containerized environment with new features including easy custom policy enforcement, enhanced access control, Helm charts scanning and workload protection.

Innovation 66

Innovation Cloud Policies AWS 66

Dzone - DevOps

MARCH 12, 2024

In the realm of containerized applications, Kubernetes reigns supreme. Terraform , the infrastructure-as-code darling, offers a powerful solution for managing Kubernetes Secrets securely and efficiently. But with great power comes great responsibility, especially when it comes to safeguarding sensitive data within your cluster.

Infrastructure 68

Infrastructure Applications Data 68

Aqua Security

DECEMBER 7, 2021

Like clockwork, a new Kubernetes release is upon us, with loads of interesting new features to consider. A couple of the key features in Kubernetes 1.23 are hitting the beta level and will be enabled by default.

145

145

Honeycomb

JANUARY 12, 2024

The security team shoots you a message saying the latest pentest or security scan found an issue that needs quick remediation. This provides you with a wealth of information, from things like ‘what VPC is this instance in’ all the way to ‘provide me security credentials for the role attached to this instance.’

Network 107

Network AWS Metrics Open Source 107

Aqua Security

AUGUST 18, 2021

One of the main challenges developers face is how to manage security risks when deploying applications to Kubernetes clusters. A great way to address this early is by applying security hardening to the application manifests during the development process.

Applications 141

Applications Development How To 141

d2iq

MARCH 1, 2023

In General Dynamics Information Technology’s 2022 report, “ Agency Guide to Zero Trust Maturity ,” 63% of respondents from federal civilian and defense agencies said they believed their agencies would achieve specific zero trust security goals by the end of fiscal 2024.Although

Software Review 78

Software Review Authentication Firewall Network 78

Lacework

MAY 1, 2023

Developers of cloud-native applications that run in Kubernetes are increasingly responsible for operational tasks beyond managing the application code itself. They define infrastructure as code (IaC), container images, pod configuration for Kubernetes deployment, Kubernetes RBAC, network services enabling pod communication, and more.

Applications 98

Applications Cloud Infrastructure Network 98

Aqua Security

SEPTEMBER 8, 2021

AWS has taken a major step toward reducing the management complexity of Kubernetes and simplifying deployment across on-premises data centers and public cloud with the general availability of EKS Anywhere.

Data Center 105

Data Center AWS Cloud Applications 105

Aqua Security

OCTOBER 12, 2021

Despite best efforts to harden Kubernetes environments, prevention will never be enough and attackers are finding ways to evade shift-left and other preventative capabilities. It is critical to be able to detect and respond in real time to attacks within Kubernetes clusters.

Open Source 119

Open Source Tools How To 119

Dzone - DevOps

JULY 26, 2022

Kubernetes is a container orchestration platform today adopted by many companies. Implementing working principles or tools is therefore essential and requires the work of all teams (operations, development, security, etc.) Pre-commit Hooks.

DevOps 99

DevOps Continuous Integration Resources Tools 99

Aqua Security

JUNE 1, 2020

There are lots of security tools in the cloud native world, created by Aqua and by others, for identifying and informing users about security issues in Kubernetes environments. licensed toolkit for finding risks in your Kubernetes workloads and environments.

Open Source 128

Open Source Tools Cloud 128

Aqua Security

NOVEMBER 2, 2020

Back in June 2020, we released Starboard – an open source toolkit that integrates security tools into a Kubernetes environment. We’re now happy to announce a new Starboard Operator that automates the generation of security reports in your K8s cluster.

Report 145

Report Open Source Tools Cloud 145

Aqua Security

SEPTEMBER 22, 2021

Every organization has a limited amount of time to spend on security, and sometimes it seems like there’s a never-ending panoply of things that need attention. In such a world, how do you pick where to start? A concept that I find useful is focusing on improving your “mess-up tolerance”, or MUT.

Organization 98

Organization 98

Aqua Security

JUNE 28, 2022

Last month at KubeCon Europe, we released new Kubernetes security scanning for Trivy. It allows you to scan running Kubernetes clusters and resources for misconfigurations directly through the Trivy CLI or by installing the Trivy Kubernetes Operator in a cluster.

How To 81

How To Resources Open Source 81

Aqua Security

AUGUST 5, 2021

Even with Kubernetes’ new, longer release cycle in place, it doesn’t seem long since the last version came along with all its new features, but 1.22 Here are some of the highlights, from a security perspective, of this release. Here are some of the highlights, from a security perspective, of this release. is upon us.

132

132

Perficient

DECEMBER 26, 2023

Introduction In the dynamic landscape of software development, where Kubernetes has become the linchpin of modern application deployment, ensuring robust security measures is non-negotiable. By emulating real-world scenarios, this method enhances overall security by identifying weak points that might be exploited by malicious actors.

Testing 52

Testing Software Review Weak Development Team Systems Review 52

DevOps.com

MAY 11, 2021

Kubernetes has become the go-to container orchestration tool for businesses. Of those, 78% are using Kubernetes to manage their containers. 69% of companies have found security holes due to misconfiguration of their Kubernetes environment. Of those, 78% are using Kubernetes to manage their containers.

Architecture 114

Architecture Tools Company Cloud 114

Dzone - DevOps

MAY 22, 2023

Many enterprises that implement Kubernetes don’t realize how insecure it can truly be out of the box—and even when they do, they’re not sure what to do about it. For most any business, this makes it way too easy to introduce serious legal or security issues into their clusters and production applications.

Trends 75

Trends Enterprise Applications Tools 75

DevOps.com

MARCH 29, 2020

Google Kubernetes Engine (GKE) is easy to get going with, but requires additional security controls. The documentation is hard to grasp as there are many features and changes that tie to specific Kubernetes versions that will require using beta feature enablement, as well as some out of date documentation that can catch people out.

How To 130

How To Engineering Google Cloud Cloud 130

Lacework

APRIL 12, 2023

While hardening Kubernetes workload configuration or Kubernetes Role-Based Access Controls (RBAC) is a necessary best practice, it is just the tip of the iceberg when securing Kubernetes clusters. The Red Hat 2022 State of Kubernetes […] The Red Hat 2022 State of Kubernetes […]

52

52

CIO

APRIL 18, 2024

Is Kubernetes a platform? Over the past few years, there’s been a lot of confusion about where the line between a platform and infrastructure is, mostly driven by everyone’s interest in Kubernetes. Kubernetes is more focused on standardizing how infrastructure is used and managed, and how apps are configured and run.

Cloud 263

Cloud Weak Development Team Infrastructure Applications 263

DevOps.com

MARCH 12, 2020

When a Kubernetes deployment suffers a security breach, it can be difficult for security teams to diagnose and identify the source of the intrusion and its impact. Each Kubernetes cluster may host multiple applications, and each application may be composed of dozens or even hundreds of interacting microservices deployed as pods.

Microservices 110

Microservices Applications DevOps 110

Aqua Security

MARCH 3, 2021

When the Mirantis team announced the Lens Extensions API back in November 2020, we were excited to experiment with it and build an extension for Starboard, our open source Kubernetes native security toolkit.

Open Source 98

Open Source Report 98

d2iq

FEBRUARY 2, 2022

Security Is Mission-Critical The level of security an organization maintains can have a dramatic impact on the bottom line. Supply Chains Targeted Along with malicious threat actors and insider threats, the NSA/CISA report cites supply chain security as one of the major areas of concern. impacting up to seven million people.”As

Guidelines 64

Guidelines Meeting Authentication Firewall 64

CTOvision

MARCH 25, 2020

Read Gadi Naor’s article about securing your Kubernetes deployments against cyberattacks on Dark Reading : At a time when almost every company is to some degree a software company, digital transformation and cloud adoption are not just strategic but critical to enterprise success.

How To 101

How To Cloud Enterprise Software 101

Aqua Security

APRIL 11, 2019

When you’re running Kubernetes, how do you know whether it’s configured securely? Kubernetes is a complex system, with several control plane components, each of which has numerous configuration parameters. In other cases, the security impact is far less obvious.

Examples 93

Examples System Compliance 93

Lacework

SEPTEMBER 8, 2022

Kubernetes is quickly becoming the leading container orchestration and management technology. In fact, 94% of respondents admitted to experiencing a security incident in their K8s environment in the last 12 months, according to the State of Kubernetes Security Report. . But you do want to start somewhere. .

Authentication 52

Authentication Load Balancer eBook Cloud 52

Altexsoft

JULY 2, 2020

Kubernetes is a popular open source container orchestration platform, used by many organizations throughout the world. Kubernetes is feature-rich, providing the controls needed for managing the deployment of enterprise-grade applications. However, Kubernetes is also very complex and difficult to learn and operate.

Technical Advisors 78

Technical Advisors Technical Review Systems Review Firewall 78

Aqua Security

FEBRUARY 23, 2021

To improve your Kubernetes security, you need to control and limit what pods can be created and deployed in your environment. For this, Kubernetes has provided a beta feature called Pod Security Policy (PSP), which soon will be deprecated and replaced with a standard called Pod Security Standards (PSS).

Policies 69

Policies 69

Aqua Security

OCTOBER 28, 2020

With the rapid adoption of Kubernetes, an unforeseen consequence has emerged — there simply aren’t enough trained K8s experts to go around, let alone K8s security experts. Kubernetes environments have increased in size and complexity, expanding its attack surface, and ultimately heightening its susceptibility to exploitation.

Training 72

Training 72

Lacework

FEBRUARY 16, 2022

Kubernetes (k8s) is a critical infrastructure platform that can help streamline your development and operations. Security is definitely one of those and a topic I dove into recently with Dave Trader , Field CISO at Presidio. Why Kubernetes? Kubernetes Biggest Challenge. The Basics Of Securing Kubernetes.

Weak Development Team 52

Weak Development Team Load Balancer Survey Google Cloud 52

Prisma Clud

JANUARY 24, 2023

How do you secure Kubernetes? Part of the answer is to identify and address security risks within the various components of Kubernetes itself as well as their configurations. But the other part of the key to Kubernetes security—and the one that is easier to overlook—is the DevOps lifecycle.

DevOps 52

DevOps Software Review Systems Review Infrastructure 52

TechCrunch

JANUARY 7, 2021

RedHat today announced that it’s acquiring container security startup StackRox. CEO Kamal Shah, writing in a company blog post announcing the acquisition, explained that the company made a bet a couple of years ago on Kubernetes and it has paid off. for a platform that secures containers in Kubernetes.

Company 306

Company Google Cloud Linux Azure 306

CIO

FEBRUARY 27, 2023

Trend #1: More organizations will take on a cloud-native first strategy, accelerating the shift to containers and Kubernetes as the backbone for current and new applications. I agree on the cloud-native first strategy [prediction] since Kubernetes is the base for modern infrastructure.

Trends 363

Trends Cloud Technical Review Development 363

TechBeacon

JUNE 12, 2019

Kubernetes users often ask me what they need to do to determine whether their deployment is running and configured safely from a security perspective. The best answer is to hire someone to perform penetration testing, but that can get expensive.

How To 94

How To Testing Performance Applications 94

DevOps.com

MAY 16, 2022

Snapt sponsors KubeCon Europe and brings AI-powered threat intelligence, WAAP, and bot protection for Kubernetes ingress in public cloud – all in one click. The post Snapt Announces the One Security Package to Run Kubernetes in Public Cloud appeared first on DevOps.com.

Load Balancer 52

Load Balancer Cloud 52

Aqua Security

DECEMBER 4, 2018

KubeCon + CloudNativeCon North America is just around the corner, and looks like it is going to break attendance records, becoming the largest gathering of the Kubernetes and cloud native community ever! Such massive adoption by large organizations in their production deployments, brings with it security and compliance requirements.

Enterprise 64

Enterprise Compliance Cloud Industry 64