DevOps

How Integrating with GCP Benefits Kubernetes Data Protection and Data Migration for GKE

Dec 8, 2022 By Ayushi Raj In CloudCasa

TFiR has produced its brand-new video show called Let’s See. This is the first time that TFiR has come up with a demo show where we will get to see how some of the technologies and products work.

Read Post

CloudCasa

Read more about How Integrating with GCP Benefits Kubernetes Data Protection and Data Migration for GKE

Getting Started using Maven and Bytesafe

Dec 8, 2022 By Bytesafe In Bytesafe

This video shows you how to use Maven and Bytesafe to install secure packages.

View Video

Bytesafe

Read more about Getting Started using Maven and Bytesafe

Risks Faced by Cloud-Native Apps and How to Assess Them

Dec 7, 2022 By Omer Dahan In Mend

Modern organizations are adopting a cloud-native approach to their application development. While this approach provides many benefits, it also makes organizations face several challenges, including the challenge of securing the application with a completely different approach. In this blog, we will discuss how software changes and how organizations should think about securing it.

Read Post

Mend

Read more about Risks Faced by Cloud-Native Apps and How to Assess Them

How to Sign Kubernetes using Sigstore

Dec 7, 2022 By Snyk In Snyk

In this livestream we are joined by Adolfo Veytia, Staff Software Engineer at ChainGuard and Tech Lead on the Kubernetes SIG-Release team, as we talk about they were able to tackle signing all of the Kubernetes v1.24 image artifact using Sigstore. We then demonstrate signing an image and vulnerability scan result attestations with Sigstore's cosign utility. Didn't catch the live stream? Ask all of your Snyk questions and we’ll do our very best to answer them in the comment section.

View Video

Snyk

Read more about How to Sign Kubernetes using Sigstore

What is RBAC vs ABAC vs PBAC?

Dec 7, 2022 By Sean Roth In Styra

Setting employee controls for IT to manage is the biggest challenge to cloud-native expansion, according to 64% of the developers surveyed in our 2022 Cloud-Native Alignment report.

Read Post

Styra

Read more about What is RBAC vs ABAC vs PBAC?

A Busy Weekend for npm Attacks, Including 'cors' Typosquatting

Dec 6, 2022 By Tamir Ben Ari In Mend

‘Tis the season for a busy weekend of software supply chain attacks. Over the past three days, the Mend research team identified two separate attacks that published malicious packages to npm. Mend Supply Chain Defender quickly identified the malicious code; the owners were notified, and the packages were removed. That does not fully remove the risk, however. The first package has 9.5 million downloads, while account CI keys were compromised in the second, which can cause significant damage.

Read Post

Mend

Read more about A Busy Weekend for npm Attacks, Including 'cors' Typosquatting

OPA Management: Challenges and Opportunities

Dec 6, 2022 By Danny Baier In Styra

The Open Policy Agent (OPA) is a policy engine that brings the speed, reliability and flexibility of decoupled policy as code to a wide range of authorization use cases across the cloud-native ecosystem. OPA is a Cloud Native Computing Foundation (CNCF) graduated project and has become an industry-wide standard for authorization, with several leading enterprises implementing it in their business-critical cloud systems.

Read Post

Styra

Read more about OPA Management: Challenges and Opportunities

Kubernetes Security: CSPM's Blind Spot

Dec 6, 2022 By Amir Kaushanskyt In ARMO

This article focuses on a critical missing component of Cloud Security Posture Management (CSPM): visibility into Kubernetes. Scroll down to read all you need to know about it.

Read Post

ARMO

Read more about Kubernetes Security: CSPM's Blind Spot

Highlights from AWS re:Invent 2022

Dec 6, 2022 By Jason Yee In Datadog

Just like shopping on Black Friday, AWS re:Invent has become a post-Thanksgiving tradition for some of us at Datadog. We were excited to join tens of thousands of fellow AWS users and partners for this annual gathering that features new product announcements, technical sessions, networking, and fun. This year, we saw three themes emerge from the conference announcements and sessions.

Read Post