Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Industry Insights
Getting Started with Kubernetes Ingress
Published: 05/23/2022

This blog was originally published by ARMO here. Written by Ben Hirschberg, VP R&D & Co-founder, ARMO. Kubernetes Ingress is one of today’s most important Kubernetes resources. First introduced in 2015, it achieved GA status in 2020. Its goal is to simplify and secure the routing mechanism of inc...

Container Security Best Practices
Published: 05/10/2022

This blog was originally published by Sysdig here. Written by Álvaro Iradier, Sysdig. Sticking to container security best practices is critical for successfully delivering verified software, as well as preventing severe security breaches and its consequences.According to the 2020 CNFC Survey, 92 ...

How to Secure Deployments in Kubernetes?
Published: 05/09/2022

This blog was originally published by ARMO here. Written by Leonid Sandler, CTO & Co-founder, ARMO. Security is crucial ‌for containerized applications that run on a shared infrastructure. With more and more organizations moving their container workloads to Kubernetes, K8s has become the go-to pl...

Kubernetes Version 1.24: Everything You Should Know
Published: 04/29/2022

This blog was originally published by ARMO here. Written by Amir Kaushansky, ARMO. The first Kubernetes release of 2022 will be released on May 3rd. The new release, version 1.24, is full of enhancements, new features, and bug fixes.We’ve written this post so you can adjust your Kubernetes resour...

Kubernetes for Beginners – A Step-by-Step Guide
Published: 03/28/2022

This blog was originally published by Vulcan Cyber here. Written by Natalie Kriheli, Vulcan Cyber. For beginners, Kubernetes can seem pretty daunting. It offers a feature-rich, flexible, and extensible platform, but the downside is that Kubernetes security can be quite challenging. Any misconfigu...

Kubernetes Security Best Practices: Definitive Guide
Published: 03/03/2022

This blog was originally published by ARMO here. Written by Jonathan Kaftzan, VP Marketing & Business Development, ARMO. IntroductionKubernetes, an open-source microservice orchestration engine, is well known for its ability to automate the deployment, management, and, most importantly, scaling o...

Kubernetes Security Best Practices
Published: 01/21/2022

Written by the CSA Serverless Working Group Kubernetes is an open-source container orchestration engine for automating deployment, scaling, and management of containerized applications. A Kubernetes cluster consists of worker nodes/pods that host applications. The Kubernetes control plane manages...

Container Security Best Practices in Microservices
Published: 01/15/2022

The best practices in this blog assume that you have selected a microservices deployment model that leverages containers. For microservices and security to co-exist, a framework and plan for development, governance, and management of microservices must be developed. Here are some key points to ke...

Microservices Architecture Patterns: Working Together to Secure the Cloud
Published: 12/27/2021

Written by the CSA Application Containers and Microservices Working GroupThe secure development of microservices relies on architecture patterns. In the following blog, review these microservices architecture patterns and note how many are able to work together to form a secure cloud system. The ...

The Complete Guide of Kubernetes Role-Based Access Control (RBAC)
Published: 12/02/2021

This blog was originally published by ARMO here. Written by Amir Kaushansky, ARMO. What Is Kubernetes RBAC? First, let’s recap quickly what RBAC is in the context of a Kubernetes cluster. RBAC determines whether a certain entity (whether a user or a pod already running inside the cluster) is allo...

What is a Cloud-Native Application Protection Platform (CNAPP)?
Published: 10/25/2021

This blog was originally published by Wiz here. Written by Josh Dreyfuss, Wiz. The security space is rife with acronyms and it can be difficult to keep track of everything. There is a new acronym emerging, however, that is worth diving into: CNAPP. CNAPP, or Cloud-Native Application Protection Pl...

How Security Changes With Cloud Networking
Published: 09/08/2021

Common on-premises network practices work differently for the cloud user and provider due to the lack of direct management of the underlying physical network. The most commonly used network security patterns rely on control of the physical communication paths and insertion of security appliances....

Kubernetes 1.22 – What’s new?
Published: 09/06/2021

This blog was originally published by Sysdig here. Written by Víctor Jiménez Cerrada, Sysdig. Kubernetes 1.22 was released in early August, and it comes packed with novelties! Where do we begin? This release brings 56 enhancements, an increase from 50 in Kubernetes 1.21 and 43 in Kubernet...

The Microservices Architecture Pattern: Expanding Security Assurance Ideas in Containers and Microservices
Published: 09/02/2021

After 137 rolling discussions on Circle and growing a library of input material to 42 unique documents, 2 co-chairs and 343 Application Containers and Microservices (ACM) working group members spanning 5 continents created a third installment further expanding the ideas of CSA security assurance ...

Five Recommendations for Securing Cloud Containers
Published: 08/19/2021

Written by the members of the Security Guidance Working Group. This blog came from Domain 8 of the CSA Security Guidance for Cloud Computing v4.Understanding the impacts of virtualization on security is fundamental to properly architecting and implementing cloud security. In this blog, we will be...

Secure Containers and Microservices Series
Published: 08/18/2021

Last updated: September 1, 2021CSA Application Containers and Microservices Working Group’s Secure Containers and Microservices SeriesApplication containers and a microservices architecture, as defined in NIST SP 800-180, are being used to design, develop and deploy applications leveraging agile ...

Exploiting and detecting CVE-2021-25735: Kubernetes validating admission webhook bypass
Published: 06/22/2021

This blog was originally published by Sysdig hereWritten by Stefano Chierici, SysdigThe CVE-2021-25735 medium-level vulnerability has been found in Kubernetes kube-apiserver that could bypass a Validating Admission Webhook and allow unauthorised node updates.The kube-apiserver affected are:kube-a...

Application Container Security: Risks and Countermeasures
Published: 05/05/2021

Written by Suria VenkataramanVirtualizations enable isolated, virtualized views of the operating systems (OS) to each application. Today’s OS virtualization technologies are primarily focused on providing a portable, reusable, and automatable way to package and run applications as containers-base...

How to Secure Cloud Non-Native Workloads
Published: 04/26/2021

This blog was originally published by Intezer here.Not All Applications are Cloud-NativeCompanies are adopting cloud at a faster pace but not all applications are born cloud-native. Many traditional applications are simply “lifted and shifted” to the cloud as a first step in the cloud transformat...

Cloud-Native Security 101
Published: 04/19/2021

This blog was originally published by Intezer.The arrival of the cloud has changed the application development process. Agile cloud-native applications have replaced traditional monolithic application architectures, and components are no longer bundled into a single server. This transformation ha...

Browse by Topic
Write for the CSA blog
Submit your blog proposal

Sign up to receive CSA's latest blogs

This list receives 1-2 emails a month.