By: Glen Kosaka

November 6, 2019 12:30 pm

2,612 views

How to Create ‘Security Policy as Code’ to Automate Application Security Policies in the CI/CD Pipeline

DevOps and DevSecOps teams can now automatically deploy and update new applications securely using Kubernetes Custom Resource Definitions (CRDs). As DevOps teams integrate their toolchain to enable automated deployment of container-based applications, one aspect has always slowed down a modern cloud-native pipeline: security. And while automated vulnerability scanning is now standard practice, creating […]

By: Glen Kosaka

August 1, 2019 12:38 pm

1,930 views

Container Security Monitoring with Prometheus and Grafana

Today, millions of applications are running in containers, with many millions more going into production. It is not easy to manage and monitor a massive number of containers in any deployment at the same time. In order to better visualize and track container status, the combination of Prometheus and Grafana provides a simple, easy-to-deploy […]

By: Glen Kosaka

April 22, 2019 2:33 pm

2,379 views

Using Admission Control to Prevent Unauthorized or Vulnerable Image Deployments in Kubernetes

Kubernetes Admission Control is a Critical Link in a Container CI/CD Pipeline. An important security enforcement point to build into the container CI/CD pipeline is to prevent unauthorized or vulnerable images from being deployed into production Kubernetes clusters. While basic Kubernetes admission control provides some capabilities, preventing vulnerable images from being deployed requires extensions to […]

By: Glen Kosaka

March 12, 2019 11:28 am

2,395 views

Container Segmentation Strategies and Patterns

At a recent container security conference the topic of ‘container segmentation patterns’ came up, and it became clear that many security architects are wrestling with how to best segment workload communication in the dynamic environment of containers. The question was also raised “Is the DMZ dead?” The concept of network segmentation has […]

By: Glen Kosaka

March 1, 2019 11:38 am

1,633 views

How to Protect Sensitive Data in Containers with Container DLP

We recently announced the industry’s first Container DLP capability to help enterprises protect sensitive data. Let’s take a deeper look into data loss prevention (aka data leak protection) and how it applies to containers. What is Data Loss Prevention (DLP)? DLP solutions help detect potential sensitive data violations and prevent accidental or malicious […]

By: Glen Kosaka

February 12, 2019 11:41 am

1,955 views

How to Secure Containers in a Service Mesh such as Istio and Linkerd2

Visualize and Protect Service Mesh System and Application Containers with NeuVector. By Chip Hwang. We recently announced NeuVector integration with service meshes which enables powerful Layer 7 network inspection and protection of container traffic, even with pod to pod encryption on. This is an exciting technology-leading capability from NeuVector which allows enterprises to […]

By: Glen Kosaka

January 28, 2019 11:48 am

1,447 views

How to Secure Containers Using the NIST SP 800-190 Guide

NIST SP 800-190 focuses on potential security concerns of containers and provides recommendations for addressing these concerns. Containers are ephemeral and immutable, driving three main challenges on which NIST focuses: Scale. A typical container environment may have 100s or 1000s of containers. A container infrastructure is a dynamic environment so one minute there may be […]

By: Glen Kosaka

September 13, 2018 11:52 am

6,696 views

How Kubernetes Networking Works – Under the Hood

By Tobias Gurtzick. Kubernetes networking is a complex topic, if not even the most complicated topic. This post will give you insight on how Kubernetes actually creates networks and also how to set up a network for a Kubernetes cluster yourself. This article doesn’t cover how to set up a Kubernetes cluster itself, you […]

By: Glen Kosaka

August 23, 2018 11:57 am

5,066 views

How to Hack a Kubernetes Container, Then Detect and Prevent It

By Dieter Reuter. As we talked about before in this blog, containers are just as vulnerable to being attacked as non-container workloads. Hackers can use many of their old tricks on new containers, such as application exploits, network attacks, or phishing scams. In this post and demo, I’ll show how to hack a Kubernetes container […]
