Ensuring robust Kubernetes security is a shared responsibility that demands collaboration between developers and operators. By addressing vulnerabilities in container images, restricting additional privileges, and restricting visibility between components, organizations can establish a secure Kubernetes environment. Developers play a crucial role in utilizing vulnerability scans, minimizing components, and implementing authentication measures, while operators enforce policies, perform vulnerability scans, and manage network visibility. Together, they fortify the container ecosystem, protecting applications and critical business assets from potential security breaches. Discover the collaborative journey to Kubernetes security and unlock the full potential of this powerful orchestration platform.
Security
Secure Your Services with Istio: A Step-by-Step Guide to Setting up Istio TLS Connections
Looking to secure the communication between services in your Kubernetes cluster with Istio? In this article, we’ll provide a step-by-step guide on how to establish a Transport Layer Security (TLS) connection with Istio. We’ll cover how to expose TLS on the Istio ingress gateway, consume SSL from Istio, and enforce mutual TLS (mTLS) between different services in the cluster. By following the instructions in this guide, you can ensure secure communication and protect your applications from cyber threats. With Istio, you can easily centralize and externalize security aspects, allowing your applications to focus on their business logic and reducing the workload on your development team.
DevSecOps vs DevOps: Fundamentals and Differences Answering 3 Questions
DevOps vs DevSecOps: Fundamentals about DevSecOps understanding what it is, why it is crucial and how different is vs DevOps
Trivy: Get To Scan Docker Local Images with Success
Scan Docker images or, to be more honest, scan your container images is becoming one of the everyday tasks to be done as part of the development of your application. The change of pace of how easily the new vulnerabilities arise, the explosion of dependencies that each of the container images has, and the number […]
How To Inject Secrets in Pods To Improve Security with Hashicorp Vault in 5 Minutes
Introduction This article will cover how to inject secrets in Pods using Hashicorp Vault. In previous articles, we covered how to install Hashicorp Vault in Kubernetes, configure and create secrets in Hashicorp, and how tools such as TIBCO BW can retrieve them. Still, today, we are going to go one step ahead. The reason why […]
TIBCO BW Hashicorp Vault Configuration: More Powerful and Better Secured in 3 Steps
Introduction This article aims to show the TIBCO BW Hashicorp Vault Configuration to integrate your TIBCO BW application with the secrets stored in Hashicorp Vault, mainly for the externalization and management of password and credentials resources. As you probably know, in the TIBCO BW application, the configuration is stored in Properties at different levels (Module […]
Create Secrets in Hashicorp Vault Using 2 Easy Ways
Introduction Create secrets in Hashicorp Vault is one of the most important and relevant things you can do once you have installed Hashicorp Vault on your environment, probably by recovering and getting these secrets from the components they need it. But in today’s article, we will focus on the first part so you can learn […]
Hashicorp Vault Installation on Kubernetes: Quick and Simple in 3 Easy Steps
Introduction In this article, we are going to cover the Hashicorp Vault Installation on Kubernetes. Hashicorp Vault has become one of the industry standards when we talk about managing secrets and sensitive data in production environments, and this covers cloud and non-cloud-native deployments. But especially in Kubernetes, this is a critical component. We have already […]
Grafana and LDAP: Increase Security in Less Than 5 minutes
This article will cover how to quickly integrate Grafana and LDAP server to increase the security of your application
Improving Development Security With These Open Source Tools
Development Security is one of the big topics of today’s development practice. All the improvements that we got following the DevOps practices have generated many issues and concerns from the security perspective.