Virtualization & Cloud

With Kubernetes’ popularity and high adoption rates, its security should always be prioritized. We provide vital tips and recommendations on keeping the master node, the API server, etcd, RBAC, and network policies secure.

In our monitoring of Docker-related threats, we came across a threat actor who uploaded malicious images to Docker Hub for cryptocurrency mining.

Serverless computing is not immune to risks and threats. Our security research provides a comprehensive analysis of the possible attack scenarios that could compromise serverless services and deployments.

Security issues often arise as a result of applications being rushed for deployment without adequate checks and protections. What are the top security risks to applications and what can organizations do to secure their DevOps pipeline?

Infrastructure as Code (IaC) is a key DevOps practice that bolsters agile software development. In this report, we identify security risk areas in IaC implementations and the best practices in securing them in hybrid cloud environments.

Cloud-native security adopts the defense-in-depth approach and divides the security strategies utilized in cloud-native systems into four different layers which are seen in “The 4Cs of Cloud-native Security.”

When it comes to cloud computing security, or simply, cloud security, what are the builders’ responsibilities? How can developers and administrators ensure cloud security? This primer discusses the key concepts of cloud security and which areas need to be protected using flexible and comprehensive security solutions. 

A malicious cryptocurrency miner and Distributed Denial of Service (DDoS) bot that targets open Docker daemon ports.

We provide recommendations for cloud admins on how to formulate a security strategy when using Kubernetes for container orchestration.