Last week I presented at the NY Kubernetes meetup on security best practices.
Would you ever give your keys to a stranger? That’s exactly what someone at IBM did: they left private keys to the Docker host environment in IBM’s Data Science Experience service accessible to[…]
Network segmentation is not a new concept in security. It’s been around for a while and is considered one of the most effective methods of limiting the “blast radius”, i.e., preventing extensive[…]
In our many conversations with customers, secrets management has come up as a particularly thorny issue that seemed to lack an elegant, cross-platform solution for container environments. Not a[…]
DevOps professionals continue to believe they can’t do their jobs properly because security slows down operations. Security pros, meanwhile, have largely failed to integrate security measures into[…]
As excitement around container technology continues to grow, many questions remain regarding the best way to secure them from both a technical and organizational perspective. While developers and[…]
Last year I said the technology sector was notorious for hosting too many conferences. This holds true this year as well. The challenge is finding the right ones where container proponents and[…]
Cisco announced a few days ago that it discovered and fixed a critical vulnerability in its CloudCenter Orchestrator, whereby a misconfiguration caused the Docker Engine management port to be[…]