Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Containers

Calico and K8s Network Policies - An Overview and Comparison

In an age where attackers are becoming more and more sophisticated, network security as a line of defense is more important than ever. Network Policy is the primary tool for securing a Kubernetes network. It allows you to easily restrict the network traffic in your cluster so only the traffic that you want to flow is allowed. In this training session, we will go over the core concepts in Kubernetes Network Policies and Calico Network Policies, compare and contrast the two models, and highlight when to use one versus the other.

CNCF Webinar: Critical DevSecOps considerations for Multicloud Kubernetes

The distributed nature of Kubernetes has turned both legacy infrastructure and traditional cybersecurity approaches on their heads. Organizations building cloud-native environments in their own data centers grapple with operationalizing and scaling Kubernetes clusters, and then ensuring system-wide security from the infrastructure layer all the way up to each container. In this webinar, you’ll hear from two cloud-native experts in infrastructure and security who will offer up valuable insights on.

CNCF Webinar: Getting started with container runtime security using Falco

Protect Kubernetes? As Kubernetes matures, security is becoming an important concern for both developers and operators. In this talk, Loris Degioanni (CTO and Founder @Sysdig) will give an overview of cloud native security, discuss its different aspects, with particular focus on runtime, and explain what inspired the development of Falco, the CNCF container security project. Through demonstration, he will educate the CNCF community on the ways Falco is being used for real-world workloads. Lastly, he will share the latest on Falco’s adoption, maturation within CNCF and what’s on the horizon.

Kubernetes Security

Containers and Kubernetes have revolutionized the way many teams deploy applications. But with the many benefits that these technologies provide come new challenges. Key among those challenges is security. By adding more layers and complexity to application environments, containers and Kubernetes create new opportunities for attackers and new security threats for Kubernetes admins to address.

Secure Networking for OpenShift

The Kubernetes network model defines a flat network in which pod connectivity is unimpeded, with no restrictions on what traffic is allowed to or from each pod. To make a cluster production ready you need to make this networking secure. Network Policy is the primary tool for doing this and is essential to understand before considering moving a cluster to production.

API Authorization at the Gateway with Apigee, Okta, and OPA (Part 2)

This is the second post in a two-part series about enforcing API authorization policies using Apigee, Okta and OPA. While the first post explained how to set up all three to work together, this post dives into detail on the policies that go along with the working code. The application we will be discussing is based on a hypothetical medical insurance provider, Acme Health Care.

Kubernetes Q3-2020: Threats, Exploits and TTPs

Kubernetes has become the world’s most popular container orchestration system and is taking the enterprise ecosystem by storm. At this disruptive moment it’s useful to look back and review the security threats that have evolved in this dynamic landscape. Identifying these threats and exploits and being a proactive learner may save you a lot of time and effort…as well as help you retain your reputation in the long run.

AWS threat detection using CloudTrail and Sysdig Secure

Implementing AWS threat detection with Sysdig Secure takes just a few minutes. Discover how to improve the security of your cloud infrastructure using AWS CloudTrail and Sysdig Cloud Connector. With the rise of microservices and DevOps practices, a new level of dangerous actors threatens the cloud environment that governs all of your infrastructure. A malicious or inattentive cloud API request could have a sizable impact on availability, performance, and last but not least, billing.