Kubernetes Admission Controller is an advanced plugin for gating and governing the configuration changes and workload deployment in a cluster. Admission Controller enables DevOps and Security personnel to enforce deployment requirements and restrictions in the cluster upon every workload start and any configuration change. Think of an Admission Controller as an Advanced Resource manager with a shield.

Kubernetes pods are the basic building blocks of Kubernetes. It's managing one or more tightly coupled application containers allowing them to share resources and networks. Pods are hosted on nodes, which are either physical or virtual machines. When defining a Pod we need to think not only about how much CPU or memory we want to assign to it but also about what would be the interaction between it and the underlying infrastructure.

After two years of virtual events, the Mend team was beyond excited to gather in San Francisco’s Moscone Center and connect with the tech community face to face. This year’s theme was ‘transformation,’ which couldn’t be more appropriate for us as we unveiled our new company name and integrated application security platform with automated remediation for SCA and SAST.

Rego is the purpose-built declarative policy language that supports Open Policy Agent (OPA). It’s used to write policy that is easy to read and easy to write. Fundamentally, Rego inspects and transforms data in structured documents, allowing OPA to make policy decisions. Rego was originally inspired by Datalog, a common query language with a decades-long history, but extends its capabilities to support structured document models like JSON.

Cloud computing security architecture describes how an organization secures data, applications, and workloads hosted across cloud environments. It specifies all technologies — both software and hardware — allocated for protecting cloud assets, and defines the security responsibilities shared between the cloud services provider and the organization. Cloud security architecture is a component of the organization’s overall security approach.

This blog is the final part of a series about secure access to Amazon RDS. In Part 1, we covered how to use OSS Teleport as an identity-aware access proxy to access Amazon RDS instances running in private subnets. Part 2 explained implementing single sign-on (SSO) for Amazon RDS access using Okta and Teleport. Part 3 showed how to configure Teleport access requests to enable just-in-time access requests for Amazon RDS access.

The cloud has enabled organizations to build and deploy applications faster than ever, but security has become more complex. The shift to cloud has created a world where everything is code — not just the applications, but also the infrastructure they run on. So, any security issue within an application or cloud environment can put an entire system at risk. And keeping that cloud native application stack secure is increasingly the responsibility of development teams.

The pandemic changed the way people work, and many companies have been fast to adapt to this shift in work culture by encouraging and promoting remote and hybrid work. Zero Trust Network Access or ZTNA is gaining popularity as a secure alternative to corporate VPN-based access to the internal application and network services.