Cloud-native development has become the de facto way that companies make new apps due to its speed and cost savings. While it has opened up the world of Kubernetes, containers, and serverless to most organizations, they still need to grapple with certain complexities and security concerns that this style of development brings. Concerning the use … continue reading
We asked these tool providers to share more information on how their solutions help companies secure cloud-native applications. Their responses are below. Rani Osnat, VP strategy and product marketing at Aqua Security From day one, we started out focusing on containers, because that was the big technology that was pushed in the earlier days with … continue reading
Threatmapper is a cloud-native security observability platform that scans, maps, and ranks vulnerabilities from development through production across serverless, Kubernetes, container, and multi-cloud environments. This Wednesday, it was open-sourced by Deepfence under the Apache 2.0 license. “By open sourcing ThreatMapper, we aim to help developers, DevOps, DevSecOps, and security teams identify and prioritize threats quickly … continue reading
Google today announced Google Cloud Deploy, a managed, opinionated continuous delivery service that makes continuous delivery to GKE easier, faster, and more reliable. Deploying container image artifacts into various environments remains a difficult task to many, and there are still no agreed-upon best practices. “Google Cloud Deploy is the product of discussions with more than … continue reading
Snyk announced that it closed a $530 million Series F investment, which now totals the company’s funding to-date to $8.5 billion. “This new investment, together with the rapid adoption of our platform and growing customer base, validates our developer security vision,” said Peter McKay, CEO of Snyk. “When security starts with the world’s expanding pool … continue reading
It’s no surprise that organizations are trying to do more with less. In the case of managing infrastructure, they’re in fact trying to do much more in the area of provisioning software — not by lessening it but by eliminating infrastructure altogether, through the use of serverless technology. According to Jeffrey Hammond, the vice president … continue reading
Kubescape is a tool for testing if Kubernetes is deployed securely. It uses the Kubernetes Hardening Guidance released by the NSA and CISA to do this. Tests are configured in YAWL files, which makes it easy to update when specifications for tests change. It runs tests on the following things: non-root containers, immutable container filesystem, … continue reading
HCL Software has made its DevOps product portfolio cloud-ready, and has introduced HCL SoFy, a cloud-native platform for creating tool solutions, and HCL Now, a cloud-native-as-a-service offering. The work is the result of a major investment HCL made across its entire product portfolio to modernize its solutions for the cloud, according to Alex Mulholland, chief … continue reading
Ambassador Labs announced the release of its new Ambassador Developer Control Plane 1.0 (DCP), which lets developers code, ship and run apps using Kubernetes faster. The control plane provides a new managed cloud UI and an integrated toolchain built entirely on top of Cloud Native Computing Foundation (CNCF) open-source projects. Developers can use the control … continue reading
In an effort to bring Kubernetes to more users, Red Hat is providing free online Kubernetes-focused tutorials. The company announced improvements to its Kubernetes by Example site at its Red Hat Summit today. In addition to tutorials, the company will provide news, community interaction and a hands-on approach to learning. “Safe to say, Kubernetes plays … continue reading
Kubewarden is a new open-source policy engine aiming to simplify the adoption of policy-as-code. It provides a set of Kubernetes Custom Resources that makes the enforcement of policies in a cluster easier. According to Flavio Castelli, distinguished engineer at SUSE and contributor to the project, policies can be written in any programming language because Kubewarden … continue reading
Red Hat unveiled its Developer Sandbox for Red Hat OpenShift to make it easier for developers to get started with building Kubernetes-based applications using the same infrastructure and tools that they run in their application environments. The new solution provides a private OpenShift environment in a shared, multi-tenant cluster that is pre-configured with a set … continue reading
