How to test application security
Guest post originally published on the Snapt blog by Craig Risi We constantly read about leaks and security attacks that hit well-known applications. Businesses cannot take security for granted. With so much critical data in play, they must…
Kubernetes ephemeral container security
Guest post originally published on Xenit’s blog by Philip Laine, DevOps Engineer at Xenit Attempting to debug a Pod and realizing that you can’t install curl due to security settings has to be a meme at this point….
A MAP for Kubernetes supply chain security
Guest post originally published on the Nirmata blog by Jim Bugwadia The sharp increase in software supply chain attacks has made securing the build and delivery of software a critical topic. But what does this mean for Kubernetes…
Flux Security: More confidence through fuzzing
Project post originally published in the Flux blog by Daniel Holbach Next up in our blog series about Flux Security is how we implemented fuzzing in Flux and its controllers and how that makes things safer for you….
Argo security automation with OSS-Fuzz
Project post originally published on the Argo blog by Yuan Tang (Akuity), Adam Korczynski and David Korczynski (Ada Logics), Jann Fischer (Red Hat), Henrik Blixt (Intuit) Security is a key priority for the Argo project. In an effort to improve security, the Argo maintainers from Akuity, Red…
Kubernetes security best practices: definitive guide
Guest post originally published on ARMO’s blog by Jonathan Kaftzan, VP Marketing & Business Development at ARMO Introduction Kubernetes, an open-source microservice orchestration engine, is well known for its ability to automate the deployment, management, and, most importantly,…
Secure your GitOps flows with Security-as-Code
Guest post originally published on Magalix’s blog by Andrew Zola GitOps teams are shifting security left. This is fantastic news for anyone looking for a solid and efficient plan to secure applications, infrastructure, and other processes within the…
DevSecOps: cybersecurity for cloud native applications
Guest post originally published on SparkFabrik’s blog by SparkFabrik Team DevOps makes software delivery faster and more reliable, but leaves security practices to specialists at the end of the cycle. This can create a bottleneck in the software delivery…
How to start your cloud security journey
Guest post originally published on InfraCloud’s blog by Frederick Fernando When you start building your cloud infrastructure, security might not be a top priority as much as getting your project up and running. This might lead you to…
With the help of the CNCF Security Technical Advisory Group (TAG), CNCF recently conducted a microsurvey of the community to see how organizations are managing cloud native security. Overall, the report shows that organizations recognize the differences between…