5 best practices for securing CI/CD pipelines

The engineer’s mindset is to understand a problem, build a solution, and then figure out how to deploy a robust and secure implementation into production environments. Unfortunately, it’s often more complicated and expensive to embed security best practices into a solution once it’s implemented, and the pressure to release innovations quickly often leads devops teams … Read more

Securing Access to Kubernetes With Zero Trust

Modern IT environments are becoming more dynamic by the day. Kubernetes, for example, is pushing the boundaries of what’s possible for many IT organizations. The benefits of the open source technology to automate deployment, scalability and management of containerized applications are numerous. In particular, IT teams are taking advantage of its power, efficiency and flexibility … Read more

Securing Your Cloud with Zero Trust and Least Privilege

Two great changes have happened in IT in the past years: cloud adoption and the transition to remote work. Each of these changes has required IT and DevOps teams to shift their perspectives and adopt new methodologies and technologies. But these changes have also impacted the state of cybersecurity. Organizations are now vulnerable to new … Read more

Securing Software Supply Chains on Kubernetes

Securing software supply chains remains a top priority for DevOps teams. In a prior post, we discussed the A MAP framework for Kubernetes supply chain security. In this post, we will discuss how supply chain security can be implemented using Nirmata Policy Manager and Venafi CodeSign Protect. With supply chain attacks on the rise, securing … Read more

Securing Containers With Seccomp – DZone DevOps

This blog post is the second half of my research on making it easier to create Seccomp-BPF filters and secure your containers with them. If you haven’t read the first half of this blog post yet, I recommend doing so before continuing here. For returning readers, I’ll briefly refresh you on my last post. I … Read more

Securing Your GraphQL Endpoint With Dgraph and Auth0 — Part 1 | by Flo Ragossnig | Apr, 2022

Setting up Dgraph This is the first part of a series of articles which will explain how to set up Dgraph with an example Quote Application. The final goal is establishing a secure GraphQL endpoint where your frontend application and backend scripts can query and mutate data via JWT. We will go through all the … Read more

Securing Your GraphQL Endpoint With Dgraph and Auth0 — Setting Up Auth0 | by Flo Ragossnig | Apr, 2022

Part 2/3 This is the second part of a series of articles which will explain how to set up Auth0 for an example Quote App which we will build using Dgraph. If you’re new to this, you might want to read part 1 to know what is gyong on. The final goal is establishing a … Read more

6 Tips For Securing IoT Devices

When discussing the current state of play for the Internet of Things (IoT), a quote comes to mind: With great power comes great responsibility. Cybersecurity becomes even more critical as more devices enter our homes and workplaces and send and receive sensitive data. For example, in 2021, globally-connected devices grew by 9% to 12.3 billion. … Read more