Intro to Netskope Private Access Automation
This video provides a brief introduction to Netskope Private Access and automation including an overview of the REST API and Terraform.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
How to Migrate Snyk to the new Bitbucket Cloud App Integration
Snyk has a new and improved Bitbucket Cloud App. The new Snyk Security for Bitbucket Cloud App features the same Bitbucket experience with a streamlined onboarding process and improved enterprise functionality. Here's how to migrate your existing Snyk as Bitbucket Cloud App (Legacy)—to the new Bitbucket Cloud App integration.
Kubernetes Version 1.26: Everything You Should Know
The Kubernetes community is ready for the last release of 2022—version 1.26. Since its beginning, Kubernetes has been a place of constant change and improvement. The platform evolves and matures with every new API change and bug fix. In this release, there are 38 tracked enhancements in addition to a large number of bug fixes. In this article, we will focus on some highlighted enhancements, important deprecations, and removals so that you can be confident before upgrading your clusters.
Getting Started With Teleport 11
In this video, we'll not only look at how to install and run Teleport 11 on a Linux Server, but also how to use Teleport to configure access to resources.
2022 Kubernetes Vulnerabilities - Main Takeaways
All the main K8s vulnerabilities from 2022 consolidated into one article. Put together by Ben Hirschberg, founder of ARMO, the makers of Kubescape. During 2022, Kubernetes continued to cement itself as a critical infrastructure component in the modern software stack. From small to large organizations, it has become a widely popular choice. For obvious reasons, this shift made Kubernetes more susceptible to attacks. But this is not the end of it.
Stranger Danger: Your Java Attack Surface Just Got Bigger
Building Java applications today means that we take a step further from writing code. We use open-source dependencies, create a Dockerfile to deploy containers to the cloud, and orchestrate this infrastructure with Kubernetes. Welcome, you're a cloud native application developer! As developers, our responsibility broadened, and more software means more software security concerns for us to address.
How to use GitHub Actions environment variables
To improve the efficiency of releasing working code into a production environment, implementing a continuous integration and continuous delivery (CI/CD) pipeline is a great practice. These pipelines automate the process of checking that a code change is ready for release and provides tools to automate the release to a production environment. One popular way to do this is to use your existing version control system.
Leverage the HashiCorp Cloud Platform Vault with Tines
Security teams often have key management systems that encrypt and securely hold their applications' credentials. Instead of entering these credentials into your automation Stories every time, you can leverage Tines to retrieve an application's credentials whenever you require them in a workflow. Tines continues to expand our partnership with HashiCorp and allows mutual users to connect with the HCP Vault by using the AppRole authentication method.
Securing a Kubernetes Cluster | 5 Tips
A default Kubernetes cluster isn't safe by default. You have secrets in plain text, open and unencrypted pod to pod communication, insecure access, and much more to tighten down. In this video, we'll discuss 5 strategies to better secure your Kubernetes cluster from the outset.
Shifting Left with the Crowdstrike and AWS CI/CD Pipeline
CI/CD combines the practices of continuous integration (CI) and Continuous Delivery (CD) to allow DevOps teams to deliver code updates frequently, reliably, and quickly. CI/CD emphasizes automation throughout the development lifecycle (Buid, Test, Deploy). By replacing the manual efforts of traditional development, code releases can happen more frequently, and with less bugs and security vulnerabilities. At CrowdStrike, we focus on integrating security into the CI/CD pipeline. As part of the functionality of CrowdStrike’s Falcon Cloud Workload Protection (CWP), customers have the ability to create verified image policies to ensure that only approved images are allowed to progress through the CI/CD pipeline and run in their hosts or Kubernetes clusters.