Security News

Doing cloud native at enterprise scale is no mean feat, but doing it securely is the real challenge. Who do you turn to for practical guidance? To help you better understand and navigate the challenges enterprise scale brings, KubeSec Enterprise vSummit will focus on real-world enterprise experience in securing production environments.

A Dimensional Research survey shares Kubernetes best practices and key insights about the rapidly growing and evolving use of Kubernetes within businesses. The findings of the survey highlight the need for continued innovation in the way Kubernetes and its related ecosystem are used and managed in real production environments in order to further bridge the gap between Information Technology Operations and Development Operations teams across organizations.

Securing Kubernetes as it becomes mainstreamIn this interview with Help Net Security, Shauli Rozen, CEO at ARMO, talks about securing Kubernetes systems, what makes them susceptible to cyberattacks and what should organizations expect when deploying them. What businesses need to know about data decayData decay is the aging and obsolescence of data in such a way that makes it no longer usable due to loss of its integrity, completeness, and accuracy.

In this interview with Help Net Security, Shauli Rozen, CEO at ARMO, talks about securing Kubernetes systems, what makes them susceptible to cyberattacks and what should organizations expect when deploying them. High value targets - as Kubernetes becomes more mainstream, used by more companies, in more environments, it is now placed in places with high value, it is no longer just in a small workload somewhere, a test application, or a "Software playground" - it is right there in the core of production environment and in an extremely fast rising number of organizations.

In the multitenant architecture, each customer's container is hosted in a Kubernetes pod on a dedicated, single-tenant node virtual machine, according to the analysis, and the boundaries between customers are enforced by this node-per-tenant structure. "Since practically anyone can deploy a container to the platform, ACI must ensure that malicious containers cannot disrupt, leak information, execute code or otherwise affect other customers' containers," explained researchers.

The number one challenge around running Kubernetes in production, as named by survey participants: deployment of data-intensive transactional workloads. Kubernetes adoption challenge Many organizations use Kubernetes now, but how they use it diverges sharply.

Kubescape is an open-source tool for testing if Kubernetes is deployed securely, as defined in the recently released Kubernetes Hardening Guidance by NSA and CISA. About Kubernetes. "Kubernetes is commonly targeted for three reasons: data theft, computational power theft, or denial of service. Data theft is traditionally the primary motivation; however, cyber actors may attempt to use Kubernetes to harness a network's underlying infrastructure for computational power for purposes such as cryptocurrency mining," the NSA noted when it released the aforementioned guide.

The new contribution to the open source Kubernetes ecosystem addresses the need for organizations to easily deploy, run and manage Kubernetes clusters directly on top of bare metal servers, increasing performance and minimizing cost and operational effort."Running Kubernetes directly on bare metal servers is the next big thing for the Kubernetes community, but it has been challenging and difficult to implement," said Tenry Fu, CEO, Spectro Cloud.

Tigera launched a worldwide partner program to meet demand from the growing adoption of containers, Kubernetes, and microservices, which has created security and observability challenges for enterprises. The partner program opens doors for technology, services, and solution providers to build stronger relationships with their customers, expand their portfolios, and boost margins by building their expertise and ability to offer security and observability solutions for containers, Kubernetes, and microservices deployments.

The National Security Agency and the Cybersecurity and Infrastructure Security Agency released a report which details threats to Kubernetes environments and provides configuration guidance to minimize risk. Kubernetes is an open source system that automates the deployment, scaling, and management of applications run in containers.