OPA policy for Kubernetes memory limits
Tim Hinrichs, CTO of Styra and Co-founder of Open Policy Agent, live codes an OPA policy that enforces total memory limits on pods in Kubernetes.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Containers
OPA policy for Kubernetes label management
Tim Hinrichs, CTO of Styra and Co-founder of Open Policy Agent, live codes an OPA policy for Kubernetes admission control. The policy requires an owner label on every resource and forcibly guarantees imagePullPolicy is set to Always.
60% of Organizations Suffered a Container Security Incident in 2018, Finds Study
Many organizations have DevOps on their mind going into 2019. This is a global movement. In fact, Puppet and Splunk received responses for their 2018 State of DevOps Report from organizations on every continent except Antarctica. Those organizations varied in their industry, size and level of DevOps maturity, but they were all interested in learning how they could advance their DevOps evolution going forward.
How Containers Are Disrupting IT Security & Compliance Controls
Tigera commission an unbiased, third-party research firm to speak with enterprise security professionals to understand the state of network security with modern applications.
Policy-driven Secure Application Connectivity for OpenShift
OpenShift provides a declarative, automated platform to integrate developer workflows into application deployments leveraging open source building blocks such as Kubernetes.
Achieve CIS Compliance in Cloud, Container and DevOps Environments
If you are embracing DevOps, cloud and containers, you may be at risk if you’re not keeping your security methodologies up to date with these new technologies. New security techniques are required in order to keep up with current technology trends, and the Center for Internet Security (CIS) provides free cybersecurity best practices for many newer platforms.
Simplifying Policy Enforcement Across Heterogeneous Workloads
Applying a uniform policy framework allows enterprises to achieve consistent network policy across multiple container orchestrators.
8 Emerging Trends in Container Orchestration
As Docker adoption continues to rise, many organizations have turned to orchestration platforms like ECS and Kubernetes to manage large numbers of ephemeral containers. Thousands of companies use Datadog to monitor millions of containers, which enables us to identify trends in real-world orchestration usage. We're excited to share 8 key findings of our research.
Enforce Docker Image CIS Policy Compliance with Tripwire for DevOps
We are working hard adding features to our new Tripwire for DevOps service, initially announced at BlackHat 2018. If you are a loyal State of Security follower, last you read we added Auditing for Amazon Machine Images (aka AMIs). Today, we are introducing CIS policy compliance auditing for Docker images. Tripwire for DevOps allows you to evaluate your Docker Images to check for policy compliance at build time.
Clarifying the Misconceptions: Monitoring and Auditing for Container Security
An effective container security strategy consists of many parts. Organizations should first secure the build environment using secure code control along with build tools and controllers. Next, they should secure the contents of their containers using container validation, code analysis and security unit tests. Finally, they should develop a plan to protect their containers in production systems by focusing on runtime security, platform security and orchestration manager security.