Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Containers

Top 3 Multi-Cloud Kubernetes Backup Challenges

In the rapidly evolving digital landscape, organizations are increasingly relying on Kubernetes and cloud environments to drive agility, scalability, and innovation. However, this shift has introduced complex challenges in Kubernetes backup and disaster recovery, especially when managing resources across multi-cloud and on-premises environments.

What you can't do with Kubernetes network policies (unless you use Calico): The ability to explicitly deny policies

In my previous blog post, I talked about the eighth use case from the list of nine things you cannot implement using basic Kubernetes network policy — the ability to log network security events. In this final blog post of the series, we’ll be focusing on one last use case: the ability to explicitly deny policies.

Container Security: Creating an Effective Security Program with Reachability Analysis

Containers have taken over the world of software development. According to Gartner analysts, “90% of global organizations will be running containerized applications in production by 2026,” up from 40% in 2021. Containerized applications provide enterprises with an agile, modern approach in the age of cloud computing; safeguarding these technologies from existing and future threats requires equally modern methods.

Why Kubernetes Native Backup Might Not Be Enough

Chances are, if you’re involved in software development, you’ve worked with Kubernetes or at least discussed it. Widespread adoption is not surprising since it’s caused by its ability to offer organizations flexibility in application deployment, scaling, and management. However, the inherent complexities of Kubernetes environments also give rise to unique data protection challenges.

Kubernetes 1.30: A Security Perspective

Kubernetes 1.30 marks a significant milestone in the evolution of the widely used orchestration platform, particularly regarding security enhancements and developer experience. This post will explore updates encompassing secrets management, node and cluster management, data security and additional security measures. Each of these improvements strengthens the Kubernetes framework, making it a more secure and reliable platform for enterprises and developers.

The Crucial Role of Network Policies and Encryption in Securing Kubernetes Workloads

Ensuring the security of containerized workloads has become a top priority given the accelerated adoption of managed Kubernetes services. The complexity of hosting these workloads securely in the cloud necessitates a comprehensive array of security measures. Among these, network policies and encryption stand out as indispensable prerequisites for safeguarding sensitive workloads in a shared, multi-tenant environment.

The First CNAPP with Out-of-the-Box NIS2 and DORA Compliance

In an era where cloud attacks and threats are happening very fast and constantly evolving, the European Union (EU) has stepped up its cybersecurity game with two new regulations: the Digital Operational Resilience Act (DORA) and the revised Directive on Security of Network and Information Systems (NIS2). With more strict requirements on compliance controls and breach disclosures, these regulations are set to transform how businesses manage their cyber risks in Europe.

Mend.io Launches Mend Container

While cloud-native development brilliantly solves problems related to scalability and effective resource use, a more complex architecture and new security challenges come along for the ride as well. The added layer of abstraction of container architecture can make tracking down vulnerabilities and poorly stored secrets, assessing true risk, and enforcing policies difficult for security teams using only traditional AppSec tools.

Monitor your secure workloads on Kata Containers with Datadog

Kata Containers is an open source project that seeks to enhance security for containers by isolating them in lightweight VMs. Each Kata Container runs with the speed and flexibility of standard containers, and it easily integrates with common container management software—including Docker and Kubernetes.

GoTestWAF - Quick start with Docker and PDF report

GoTestWAF is a tool for API and OWASP attack simulation that supports a wide range of API protocols including REST, GraphQL, gRPC, WebSockets, SOAP, XMLRPC, and others. It was designed to evaluate web application security solutions, such as API security proxies, Web Application Firewalls, IPS, API gateways, and others.