War Stories: ‘Lift-and-Shift’ Does Not Work for Cloud Native Security

Cloud Native Security Is No Joke with Seth Meyers

Shift Left: How Security Pros Should Prepare Developers for DevSecOps

Security Teams Need a Higher Appetite for Risk

The Open Policy Agent Journey from Sandbox to Graduation

Best Practices for Securely Setting up a Kubernetes Cluster

Jetstack Secure Promises to Ease Kubernetes TLS Security

Where Is Cloud Native Security Going in the Long Run?

Inside a Privilege Escalation Attack via Amazon Web Services’ EC2

Tetrate: A Service Mesh Can Be the Security Kernel for Distributed Systems

Canonical’s Latest Ubuntu Core Release Focuses on Edge Security

Why Open Source Project Maintainers Are Reluctant to Use Digital Signatures, Two-Factor Authentication

A Favored Target for Attackers, APIs Need More than the Security Basics

Notorious Malware CyberGang Goes All in on Unsecured Kubernetes Clusters

Digital Certs Key to Securing Open Source Supply Chain, Though Few Devs Use Them

A New Approach to the Firewall for Protecting Cloud Native Services

Prisma Cloud Reinvents the Firewall for Cloud Native Security

The Web App Firewall Is Dead and We Know Who Killed It

Mutual TLS: Securing Microservices in Service Mesh

Declare, Respond, Mitigate, Learn: How Kintaba Tackles Incident Response

Serious Sudo Trouble for Linux Distros

Red Hat: Why CVE2020-8554 Is No Kubernetes Apocalypse

AIOps Isn’t Just a Pipe Dream, but the Tools You Use May Be

How to Implement Security Recommendations from the Cloud Native Computing Foundation

Five Cloud Native Security Concerns in 2021

Shift-Left: Why Prevention Beats Remediation

The New Normal: Assume Malicious Back Doors Are Part of Your Infrastructure, Carry on

Parler’s Other Security Risk: DNS Denial-of-Service

Fugue Security Config Checker Now Supports CIS Docker Benchmark, Managed Containers

Offloading Authentication and Authorization from Application Code to a Service Mesh

Top 5 Benefits of a Site Reliability Platform

How Parler’s Data Was Harvested

Infrastructure as Code Is a Movement Ready to Boom

Continuous Integration: The New Frontier for Security Pros

Build Resilient, Secure Microservices with Microsegmentation

CNCF Security Whitepaper Shows the Complexity of Securing Cloud Native Operations

What Red Hat’s Purchase of StackRox Means for OpenShift

Containers Can Be Both Leaky and Risky — But That’s Always Been True

Cloud Computing 2020: From Coping to Consolidating

3 Trends That Will Define Digital Services in 2021

Is Hindsight Still 2020? Reviewing the Year in Tech

Linux Kernel 5.10 Introduces Static Calls to Prevent Speculative Execution Attacks

Open Policy Agent: The Top 5 Kubernetes Admission Control Policies

Falco: Lock Down Kubernetes from the Kernel on Up

Identity and Access Management Is a Pain Point in Kubernetes

SolarWinds, the World’s Biggest Security Failure and Open Source’s Better Answer

Don’t Let the Script Kiddies Steal Your Cloud Data

Open Source Security Top-of-Mind in DevSecOps, but Patching Still too Slow

NS1: Avoid the Trap of DNS Single-Point-of-Failure

Tutorial: Install Harbor for Image Vulnerability Scanning

Operationalizing Security in a Decentralized, Service-Based Architecture

DevOps Needs Security Champions

Why We Need to Rethink Authorization for Cloud Native

Accenture’s Kubernetes Certification Covers Security at Every Level

3 Reasons Traditional Approaches to App Security Need an Upgrade

Unfixable Kubernetes Security Hole Means Potential Man-in-the-Middle Attacks