How to Sign Kubernetes using Sigstore #cloudsecurity #cybersecurity #container
Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Containers
Container Security with Calico: Detect and Respond to Container Attacks with Network Anomaly Detection
Considering the vast attack surface and flat network architecture, Kubernetes workloads are particularly susceptible to network-based threats. While following best practices like workload access controls, workload-centric IDS/IPS, and WAF can help prevent and block attacks, anomaly detection has become crucial in today’s IT landscape to proactively anticipate security threats.
Calico Egress Gateway integration with AWS Network Firewall
Many AWS customers have security requirements that are well beyond what AWS Security Groups or AWS Network Access Control Lists can offer in terms of scalability and security. That’s why many of them turn to AWS Network Firewall as a common solution.
Top four Kubernetes Attack Chains and how to break them
While Kubernetes adoption continues to soar, it has become a prime target for cyberattacks. Unfortunately, Kubernetes clusters are complex and can be difficult to secure. Safeguarding your Kubernetes environment requires a solid understanding of the common attack chains that pose a threat to your infrastructure. In this blog post, we dig into the top attack chains that target Kubernetes, shedding light on the risks and offering valuable insights to bolster your defenses.
New in Calico Cloud: Continuously scan workloads in Kubernetes clusters to detect newly discovered CVEs
The timeline of an application can be broadly described in 3 phases: Thus, runtime security in the context of a cloud-native container environment broadly refers to the tools and processes leveraged to protect the operation of running containers in production.
Container Security Essentials: Vulnerability Scanning and Change Detection Explained
Containers offer a streamlined application deployment and management approach. Thanks to their efficiency and portability, platforms like Docker and Kubernetes have become household names in the tech industry. However, a misconception lurks in the shadows as containers gain popularity - the belief that active vulnerability scanning becomes redundant once containers are implemented.
What you can't do with Kubernetes network policies (unless you use Calico): Node Specific Policies
In my previous blog post, What you can’t do with Kubernetes network policies (unless you use Calico): TLS Encryption, I talked about use case number two from the list of 9 things you cannot implement using basic Kubernetes network policy—anything TLS related. In this blog post, we’ll be focusing on use case number three: node specific policies.
Using 1Password Connect with Kubernetes Operator
In this demo, see how you can integrate 1Password Connect with Kubernetes Secrets to access API keys, tokens, and other credentials saved in 1Password in your company's applications and cloud infrastructure.
Using 1Password Service Accounts with Kubernetes Secrets Injector
In this demo, see how you can inject 1Password secrets as environment variables into a Kubernetes pod or deployment using either a 1Password Service Account or a 1Password Connect Server to retrieve items.
The new standard of Kubernetes misconfiguration remediation
According to research done by ARMO, 100% of Kubernetes clusters that were tested contained at least one misconfiguration, while 65% had at least one high-severity misconfiguration. 50% of clusters had 14 or more failed security controls. According to Redhat research from 2023, 45% of respondents experienced security incidents or issues related to containers and/or Kubernetes due to misconfigurations.