Threat actors are actively looking for exposed .env files. These files have become ticking bombs deeply rooted inside DevOps practices. Our research paper uncovers the hidden dangers in DevOps using real-world examples.
DevOps: DevOps is a range of tools and unique cultural philosophies that focuses on helping organizations streamline software or application release cycles. Read more
This report explores the aspects and considerations required to properly perform threat modeling within a Kubernetes environment, a piece of technology that many organizations worldwide rely on and a leading container orchestration platform.
A critical asset that enterprises should give careful security consideration to is their back-end infrastructure which, if compromised, could lead to supply chain attacks.
With Kubernetes’ popularity and high adoption rates, its security should always be prioritized. We provide vital tips and recommendations on keeping the master node, the API server, etcd, RBAC, and network policies secure.
Can your container image be trusted? Learn how Docker Content Trust (DCT) employs digital signatures for container image verification and manages trusted collections of content.
With Kubernetes’ popularity and high adoption rates, its security should always be prioritized. We provide vital tips and recommendations on keeping the master node, the API server, etcd, RBAC, and network policies secure.
We outline security mitigations and settings that should be prioritized in a clustered environment. The second part of our security guide on Kubernetes clusters covers best practices related to worker nodes, the kubelet, pods, and audit logs.
Serverless computing is not immune to risks and threats. Our security research provides a comprehensive analysis of the possible attack scenarios that could compromise serverless services and deployments.