Gravity Community Edition Demo
This is a demo on how to package a Kubernetes application using Gravity and deploy and install the application across three Linux servers or nodes.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Shifting Left Is a Lie... Sort of
It would be hard to be involved in technology in any way and not see the dramatic upward trend in DevOps adoption. In their January 2019 publication “Five Key Trends To Benchmark DevOps Progress,” Forrester research found that 56 percent of firms were ‘implementing, implemented or expanding’ DevOps. Further, 51 percent of adopters have embraced DevOps for either all new or all applications. Clearly, DevOps adoption is here and growing.
Five Easy Steps to Keep on Your Organization's DevOps Security Checklist
The discovery of a significant container-based (runc) exploit sent shudders across the Internet. Exploitation of CVE-2019-5736 can be achieved with “minimal user interaction”; it subsequently allows attackers to gain root-level code execution on the host. Scary, to be sure. Scarier, however, is that the minimal user interaction was made easier by failure to follow a single, simple rule: lock the door.
Navigating Network Services and Policy With Helm
Deploying an application on Kubernetes can require a number of related deployment artifacts or spec files: Deployment, Service, PVCs, ConfigMaps, Service Account — to name just a few. Managing all of these resources and relating them to deployed apps can be challenging, especially when it comes to tracking changes and updates to the deployed application (actual state) and its original source (authorized or desired state).
Server Hardening Challenges
4 main challenges you'll need to confront when approaching server hardening.
The Top Tactics to Be Successful at Secure DevOps
Today’s increasingly connected world, with access to mobile devices and cloud scale computing, is leading to disruption in business models and processes. To succeed, you have no option but to continuously deliver new value to customers at the increasing speed that they demand.
Why Security Is Needed to Keep the CI/CD Pipeline Flowing Smoothly
Technology has advanced to a state where clients now expect a constant stream of updates for their software and applications. To fulfill this demand, developers commonly turn to what’s known as a CI/CD pipeline. As noted by Synopsys, this practice embraces two important software development concepts of today’s streamlined world.
State of Modern Applications & DevSecOps in the Cloud - 2018
Sumo Logic's report with data-driven insights, best practices, and year-over-year trends - all by analyzing technology adoption among enterprises who run massive applications on AWS, Azure, and GCP. The report also provides additional visibility into the DevSecOps tools and methodologies used within cloud-first organizations as they “lift and shift” or modernize and migrate existing applications to cloud environments.
Adding CVE scanning to a CI/CD pipeline
A Docker image contains an application and all its dependencies. As it also contains the numerous binaries and libraries of an OS, it’s important to make sure no vulnerabilities exist in its root filesystem, or at least no critical or major ones. Scanning an image within a CI/CD pipeline can ensure this additional level of security.
60% of Organizations Suffered a Container Security Incident in 2018, Finds Study
Many organizations have DevOps on their mind going into 2019. This is a global movement. In fact, Puppet and Splunk received responses for their 2018 State of DevOps Report from organizations on every continent except Antarctica. Those organizations varied in their industry, size and level of DevOps maturity, but they were all interested in learning how they could advance their DevOps evolution going forward.