When the Mirantis team announced the Lens Extensions API back in November 2020, we were excited to experiment with it and build an extension for Starboard, our open source Kubernetes native security toolkit. True to DevSecOps principles, the integration makes security reports accessible within Lens IDE, giving you …
What were you doing four years ago?
Perhaps in 2017 you were, like many people, entirely unaware of the way that containers and cloud computing would take the world by storm. Back then, there were companies just taking baby steps towards containerization – don’t feel bad if you were running one container per …
As no individual, business, or government is immune from being the victim of the next large-scale cyberattack, organizations need capabilities to help identify, contain, and investigate what seems like an inevitable incident. By performing forensic analysis, you can gain and leverage valuable insights to take the …
To improve your Kubernetes security, you need to control and limit what pods can be created and deployed in your environment. For this, Kubernetes has provided a beta feature called Pod Security Policy (PSP), which soon will be deprecated and replaced with a standard called Pod Security Standards (PSS). In this …
If you’re looking to improve the security posture of your Kubernetes applications, you can get a lot of bang for your buck with vulnerability scanning. In this blog, I’ll talk about the fundamentals of scanning container images: how to pick a vulnerability scanner, when to use it in the application pipeline, and …
Last week, TeamTNT launched a new campaign against Docker and Kubernetes environments. Using a collection of container images that are hosted in Docker Hub, the attackers are targeting misconfigured docker daemons, Kubeflow dashboards, and Weave Scope, exploiting these environments in order to steal cloud …
The challenges of maintaining security and numerous compliance requirements are a very steep hill to climb for international business services providers. The latest example comes from an organization in Hong Kong called Neat, this financial services technology company has several offerings, including secure payment …
With no shortage of attacks targeting the cloud native stack, having a holistic view of your environment is paramount to contain and mitigate the attack, as well as to perform forensic analysis after the fact. In order to provide you with deeper insights into malicious and suspicious activity in your cloud native …
There is no shortage of myths in cloud native security, and we made our own list of the top seven cloud native security myths. Achieving compliance in the cloud and cloud providers’ responsibilities are the top two from that list.
Back in November 2020, we introduced the Starboard Operator, which automates vulnerability scanning in a Kubernetes environment. We’re now pleased to announce the latest release (release v0.9) which adds configuration auditing using Polaris. This means that the Operator can automatically check for weaknesses in the …
BYOK (bring your own key) is a trusted method for restricting access to data through encryption keys provided by end-users. We took this concept to the next level by adding support for “bring your own bucket” (BYOB). This new model represents an innovative, cloud native approach for providing users with better …