Tools Resources
Securing API Calls

Securing API Calls in Kubernetes, a Simple and Effective Approach

aduminuc
By: Alessandro Duminuco
Apr 13, 2022

Historically, API authentication methods have involved a tradeoff between security and convenience. Today, with cloud native applications and Kubernetes, there are several options, but security tradeoffs remain: You could hardcode credentials, w...

NSA’s Kubernetes Security

Everything DevOps need to know about the NSA’s Kubernetes Security Guidance

alex
By: Alexei Kravtsov
Nov 30, 2021

Kubernetes security is a complex topic. So complex that the National Security Agency recently issued a 59-page guidance document on Kubernetes security hardening. Yet, when you boil this advice down, you’ll find that most sources of c...

gitops thumbnail

Leveraging Gitops to Deploy Cloud Native Security

Tomer
By: Tomer Dvir
Nov 8, 2021

GitOps is increasingly popular among developers as it accelerates development, but as security requirements grow, a new approach is needed. GitOps security needs to shift left. Here’s how to secure your GitOps repository. GitOps is gaining trac...

Automated Policy Panoptica

Automated Policy for developers using CI/CD (Terraform) tools

Tomer
By: Tomer Dvir
Aug 16, 2021

Automated Policy - Infrastructure as code is a core element of today’s CI/CD pipeline and led to the emergence of Continuous Configuration Automation (CCA) tools, such as Terraform, a leading declarative push CCA solution launched by HashiCorp in ...

Hardening Kubernetes Containers Security with Seccomp

Hardening Kubernetes Containers Security with Seccomp

erez
By: Erez Fishimer
Aug 13, 2021

Seccomps - An often overlooked way to harden Kubernetes containers’ security is by applying seccomp profiles. Customizing seccomp profiles, in effect, provides a deeply embedded line of defense that adds a layer of protection to your application i...

Apisecurity

API Security – The Challenges & Latest Developments

NaorShmuel
By: Naor Shmuel
Jul 23, 2021

Forrester dubbed API Insecurity "the lurking threat in your software." Understanding API security-specific risks is key to protecting your API. New ways of thinking about API security are emerging. Using external services through APIs is routinel...

Kubernetesv thumbnail

What’s New in Kubernetes v1.21 and Istio 1.9 Releases and their implications on DevOps?

alex
By: Alexei Kravtsov
Jul 22, 2021

Kubernetes and service mesh are increasingly interrelated, yet their new versions are released separately on different dates. Kubernetes and Istio’s last releases help to get a clearer understanding of the interplay between them and how one affect...