Secret management can be a complex challenge, especially when you are trying to do it in a way that is right for security. Key rotation is a big piece of that puzzle. In this article, we will take you from zero to hero on key rotation.

Based on the well-known cybersecurity method, “honeypots”, Calico Cloud runtime security approach of Honeypods as decoy pods are designed to attract traffic to them from malicious sources and to detect suspicious activity within a Kubernetes cluster.

Cloud optimization is the process of correctly selecting and assigning the right resources to a workload or application with the ultimate goal of minimizing costs while improving performance and efficiency. These resources can range from computational power, memory, and storage to network capabilities. The cloud optimization process involves continuously monitoring, analyzing, and fine-tuning these resources to ensure optimal performance.

Cloud computing has become a cornerstone of business operations, with cloud security at the forefront of strategic concerns. A significant focus within this domain is the protection of containerized environments, which are increasingly targeted in cloud-based breaches. Embracing CNAPP (Cloud-Native Application Protection Platform) is crucial, particularly for its role in securing these versatile yet vulnerable container environments.

In this year-end Trust Issues podcast episode, host David Puner takes listeners on a retrospective jaunt through some of the show’s 2023 highlights. The episode features insightful snippets from various cybersecurity experts and thought leaders, each discussing crucial aspects of the ever-evolving cyber landscape.

Today’s security practitioners face a daunting challenge: Staying ahead of sophisticated adversaries who have turned their attention to the expansive terrain of cloud environments. CrowdStrike observed a 95% year-over-year increase in cloud exploitation in 2022. This trend demands strategic reevaluation of how organizations protect their cloud environments and workloads, and emphasizes the importance of choosing the right cloud security capabilities.

For DevOps software developers, navigating the cloud landscape without a clear understanding of risks is equivalent to walking into a minefield blindfolded. Cloud risk management, therefore, becomes an indispensable tool for DevOps – enabling us with the ability to identify, assess, and mitigate potential threats that could jeopardize their applications, their data, and their organization’s reputation.

I recently hosted and moderated a distinguished panel of Chief Information Security Officers (CISOs) - Nitin Raina, CISO at ThoughtWorks, Mike Wilkes, former CISO at Marvel and Yogesh Badwe, CSO at Druva. We discussed major trends for 2024 across an array of topics including the evolving threat landscape, recent regulations, data privacy considerations, securing product and critical infrastructure.