Tag: Security Posture
-
Deploying Policy-as-Code with Kyverno in Kubernetes
Security in Kubernetes shifts the security enforcement with Admission Controllers. The flow of these systems can be enhanced with tools such as Open Policy Agent, which leverages Rego to define parameters that must be met prior to authorization of operations requested against the Kubernetes API server. What is Kyverno? Kyverno is (Greek for…
-
How to Evaluate a Cloud Native Application Platform: What to evaluate and consider
In order to evaluate a cloud native application platform, it is important to understand what to look for and the different aspects of architecture. There are many benefits to using a cloud native application platform, including the ability to scale applications and manage resources more effectively. When choosing a platform, it is important to consider…
-
Azure Chaos Studio – Chaos Engineering in the Cloud
If you’re looking to stress test your application on Azure, then Azure Chaos Studio is a tool you’ll want to check out. In this blog post, we’ll give an overview of what Azure Chaos Studio is and some of its key features. We’ll also discuss the benefits of stress testing your application with Azure Chaos…
-
Service Mesh in GCP with Linkerd
Linkerd is a service mesh solution that provides a transparent layer of network communication between microservices in a Kubernetes cluster. Service meshes help to address many of the challenges faced in microservice architecture, such as service discovery, traffic management, load balancing, and security. While of course a service mesh may not be needed depending on…
-
AccuKnox in Kubernetes
For today’s post I’ve been wanting to cover more open-source tools that can assist your production operations suite. Enter the policy enforcement tool known as AccuKnox. What is AccuKnox? In a nutshell, this tool provides policy enforcement, and the components that make up this tool are capable of being used with Cilium as CNI and adds a…
-
Google Kubernetes Engine Up and Running in GCP
How to Get Started with Google Kubernetes Engine on GCP. Kubernetes is an open-source system for automating the management of containerized applications. It groups containers that make up an application into logical units for easy management and discovery. Google Kubernetes Engine (GKE) is a hosted version of Kubernetes that runs on the Google Cloud Platform…
-
Static Analysis and Integrating this in DevSecOps strategy
Static analysis of user workloads, such as Kubernetes resources and Dockerfiles, is a key aspect of DevSecOps. By analyzing these resources before they are deployed, organizations can identify potential security vulnerabilities and issues that could compromise the integrity of their systems. One way to perform static analysis is through the use of static analysis tools.…
-
Defender for Cloud (Cloud Security in Azure)
Defender for Cloud was a rebranding of Azure Security Center and is the premier offering from Microsoft Azure as a control plane for security and visibility in Azure. While this is a small view of the dashboard, you can see the experience has changed in Azure, AWS and GCP as of recently you can now…