Security Culture: The Best Tool Money Can’t Buy
Building positive relationships, sharing knowledge effectively, and making security "cool" are some of the most worthwhile security pursuits.
Make Deployments Great Again: How to Use Helm with Continuous Deployment (CD)
Learn how to automate Helm deployments with GitOps, using Argo CD for continuous delivery. Seamlessly handle secrets, pod auto-restart, and version propagation in Kubernetes with this production-ready integration.
Multicloud Security Architecture
Using multiple cloud service providers isn't all benefits, it has its challenges. Today, let's have a look at multicloud: What it is, what are the challenges, especially security challenges, and what are the best practices towards a secure multicloud architecture.
Getting Started With SPIFFE For Multi-Cloud Secure Workload Authentication
SPIFFE stands for Secure Production Identity Framework for Everyone, and aims to replace single-factor access credentials with a highly scalable identity solution. This blog post provides some practical applications of SPIFFE in real-world environments.
Dependency Confusion Attacks and Prevention: Register Your Private Package Names
Dependency confusion attacks exploit gaps in your software supply chain. Dive into modern dependency management and learn how to defend your systems with best practices.
Always Be Updating: Why Regular Patching Is Non-Negotiable in DevSecOps
DevSecOps Engineer Gene Gotimer explains why constant software dependency updates are crucial for security in DevSecOps practices.
Making Sense of Open-Source Vulnerability Databases: NVD, OSV, and more
Essential reading for developers and security professionals alike: a comprehensive comparison of vulnerability databases to help you cut through the noise.
Securing Containers with Seccomp
In this article we present a novel way to protect your container applications post-exploitation. This additional protection is called Seccomp-BPF.
The Runtime Secrets' Security Gap
The last mile in secrets security is securing secrets in workloads. Discover a new way to securely deliver encrypted secrets in your infrastructure with innovative open-source tools, and say goodbye to plaintext secrets.
Managing AWS IAM with Terraform
Get started with IAM by using Terraform to create users, groups, and policies.
Container Security Scanning: Vulnerabilities, Risks and Tooling
Container security is crucial in the age of microservices and DevOps. Learn about common container vulnerabilities, container security scanning, and popular tools to secure your containers in this comprehensive guide.
How to Handle Secrets in Jupyter Notebooks
From entering passwords with getpass to using secret managers like AWS Secrets Manager, this guide covers best practices for protecting sensitive information in your notebooks.
