AWS Cost Optimization Best Practices
While AWS has a number of advantages over traditional on-premise infrastructure, its inherent elasticity and scalability can lead to uncontrollable ..
DevSecOps and Value Stream Management
Everything done within an organization should provide value to customers and other stakeholders. Value Stream Management (VSM) is a business ..
Why Kubernetes Security Posture Management (KSPM) Is Essential to Cloud Native Security
Recent attacks like those on Colonial Pipeline, SolarWinds, and Twitch have gained notoriety and foregrounded the importance of security ..
How Does DevSecOps Fit Into Your Digital Transformation?
“Going digital” is a huge challenge in the best of times, but thanks to increasingly competitive markets, more technically savvy ..
What Is CIEM or Cloud Infrastructure and Entitlement Management?
Cloud Infrastructure and Entitlement Management (CIEM) is a relatively recent term that was introduced by Gartner in 2020 as part of the Hype ..
What Is Policy-as-Code?
Policy-as-code is an approach to policy management in which policies are defined, updated, shared, and enforced using code. By leveraging ..
OWASP Top 10:2021 – What’s New
The Open Web Application Security Project (OWASP) is a nonprofit foundation dedicated to promoting best practices, methodologies, and tools ..
What Is Web Application and API Protection?
Web application and API (Application Program Interfaces) protection is a set of development, integration, and deployment practices that ..
What Is the CI/CD Pipeline and CI/CD Security?
The CI/CD pipeline is a foundational part of DevOps. In addition to laying the foundation for the processes that DevOps teams use to deliver ..
What Is Identity and Access Management (IAM)?
Identity and access management, or IAM, is a foundational component of virtually any modern application environment. By providing a systematic ..
What Is a Container?
Starting with the advent of Docker in 2013, containers have become a fundamental building-block of modern IT infrastructure. Whether you host ..
Threat Hunting with Cloud SIEM
Threat hunting is emerging as a must-have addition to cybersecurity strategies. By enabling organizations to find and mitigate threats before ..
CLOUD THREAT REPORT 1H 2021 – The COVID-19 Conundrum: Cloud Security Impact and Opportunity
A much prettier version of this document lives here: Foreword In the early days of the COVID-19 pandemic, there was a rapid uptick in demand ..
Cloud Native Security for the Healthcare Industry
When you store or process any kind of data in the cloud, you face certain security risks that would not exist in an on-premises environment. ..
Avoiding Technical Security Debt During Cloud Transformation
Cloud transformation, or the process of migrating workloads to the cloud, creates a number of benefits — including greater agility, scalability, ..
Securing Kubernetes and Other Resources at Scale Using RBAC
Controlling information security for an organization of any size can quickly become a full-time job. One of the most effective ways of managing ..
Kubernetes Security Best Practices to Keep You out of the News
Kubernetes can look enticingly powerful at first glance, like it will solve all of your problems. (It solves many of them!) But anyone working ..
How to Create Secure Kubernetes Clusters From the Start
If you’ve decided to set up and deploy a Kubernetes cluster, ensuring proper security controls and alignment with overall organization ..
Azure Monitor vs. AWS CloudWatch
Cloud computing is an incredible asset to new and seasoned companies alike. With pricing and infrastructure that can accommodate any demand, ..
15 Considerations for Your Next Cloud Native Security Audit
Security audits have become more complex and nuanced in a cloud native world, where organizations typically run applications on more than ..