DevSecOps and Value Stream Management
Everything done within an organization should provide value to customers and other stakeholders. Value Stream Management (VSM) is a business ..
Why Kubernetes Security Posture Management (KSPM) Is Essential to Cloud Native Security
Recent attacks like those on Colonial Pipeline, SolarWinds, and Twitch have gained notoriety and foregrounded the importance of security ..
How Does DevSecOps Fit Into Your Digital Transformation?
“Going digital” is a huge challenge in the best of times, but thanks to increasingly competitive markets, more technically savvy ..
What Is CIEM or Cloud Infrastructure and Entitlement Management?
Cloud Infrastructure and Entitlement Management (CIEM) is a relatively recent term that was introduced by Gartner in 2020 as part of the Hype ..
What Is Policy-as-Code?
Policy-as-code is an approach to policy management in which policies are defined, updated, shared, and enforced using code. By leveraging ..
OWASP Top 10:2021 – What’s New
The Open Web Application Security Project (OWASP) is a nonprofit foundation dedicated to promoting best practices, methodologies, and tools ..
What Is Web Application and API Protection?
Web application and API (Application Program Interfaces) protection is a set of development, integration, and deployment practices that ..
What Is the CI/CD Pipeline and CI/CD Security?
The CI/CD pipeline is a foundational part of DevOps. In addition to laying the foundation for the processes that DevOps teams use to deliver ..
What Is Identity and Access Management (IAM)?
Identity and access management, or IAM, is a foundational component of virtually any modern application environment. By providing a systematic ..
What Is a Container?
Starting with the advent of Docker in 2013, containers have become a fundamental building-block of modern IT infrastructure. Whether you host ..
6 DevSecOps Metrics for DevOps and Security Teams to Share
If you work in DevOps, it’s easy to feel like the security team is there to make your job harder. Likewise, if you are a security engineer, ..
CLOUD THREAT REPORT 1H 2021 – The COVID-19 Conundrum: Cloud Security Impact and Opportunity
A much prettier version of this document lives here: Foreword In the early days of the COVID-19 pandemic, there was a rapid uptick in demand ..
Cloud Native Security for the Healthcare Industry
When you store or process any kind of data in the cloud, you face certain security risks that would not exist in an on-premises environment. ..
Avoiding Technical Security Debt During Cloud Transformation
Cloud transformation, or the process of migrating workloads to the cloud, creates a number of benefits — including greater agility, scalability, ..
Intelligently Managing Risk: Multicloud Infrastructure Security
Multicloud is the new reality for many organizations, whether chosen as a strategy or forced on them through another means – like customer ..
A Step-by-Step Guide to Secure and Protect AWS S3 Buckets
Amazon Web Services (AWS) Simple Storage Service (S3) provides an easy option for storing documents, data and other information in the cloud. ..
Securing Kubernetes and Other Resources at Scale Using RBAC
Controlling information security for an organization of any size can quickly become a full-time job. One of the most effective ways of managing ..
Kubernetes Security Best Practices to Keep You out of the News
Kubernetes can look enticingly powerful at first glance, like it will solve all of your problems. (It solves many of them!) But anyone working ..
How to Create Secure Kubernetes Clusters From the Start
If you’ve decided to set up and deploy a Kubernetes cluster, ensuring proper security controls and alignment with overall organization ..