Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Solid Infrastructure Security without Slowing Down Developers

In this post, I want to share my observations of how SaaS companies approach the trade-off between having solid cloud infrastructure security and pissing off their own engineers by overdoing it. Security is annoying. Life could be much easier if security did not get in the way of getting things done.

How to SSH into a Self-driving Vehicle

Over the last couple of years, we’ve started to see computers take to the street, and lucky for us, it’s been mostly to help us get deliveries or transport us around. These robots are a combination of sensors, compute units, and some form of connectivity. They have personalities, and if you look closely, two cute eyes on Postmates’ Serve that provide it with stereo vision to navigate the streets.

From Zero to Zero Trust

Blockchain, IOT, Neural Networks, Edge Computing, Zero Trust. I played buzzword bingo at RSA 2020, where the phrase dominated the entire venue. Zero Trust is a conceptual framework for cybersecurity that characterizes the principles required to protect modern organizations with distributed infrastructure, remote workforces, and web connected applications.

Gravity: Running Cloud Applications in Remote, Restricted and Regulated Environments.

Gravity is an application delivery system that lets engineers deliver and run cloud-native applications in regulated, restricted, or remote environments without added complexity. Gravity works by putting applications and all their dependencies onto a single deployable file, which can be used to create hardened Kubernetes clusters that can reliably and securely run in any Linux environment: edge, multi-cloud, private cloud, on-prem, and air-gapped.

Applying the Principles of Zero Trust to SSH

The Zero Trust approach to security is based not on where you are, but who you are. This model shifts the focus from network and perimeter-based security to identity-based access. In simple terms, this means: Zero Trust security provides a powerful approach to keeping an organization’s resources secure and usage auditable.

Deploying Applications to a Kubernetes Cluster to Which You Don't Have Access

For the impatient, in this blog post, we’ll look into the problem of preparing a Kubernetes application to be deployed into a large number of Kubernetes clusters, even if you, the developer, do not have direct access to them all. The tutorial parts of this post will utilize Gravity 7.0, which you can download here. This version is in beta at the time of publication, so be sure to select pre-releases in the dropdown on the download page to access it.

Announcing Gravity 7.0

Today, we are excited to announce the release of Gravity 7.0! Gravity is a tool for developers to package multiple Kubernetes applications into an easily distributable .tar file called a “cluster image”. A cluster image contains everything an application needs and it can be used for quickly creating Kubernetes clusters pre-loaded with applications from scratch or loading applications contained within an image into an existing Kubernetes cluster like OpenShift or GKE.