Cloud 101
Circle
Events
Blog

Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Industry Insights
Enabling Secure Cloud Migration to Enterprise Cloud Environments
Published: 01/20/2023

Written by Andy Packham, Chief Architect and Senior Vice President, Microsoft Business Unit, and Syam Thommandru, Global Alliances and Product Management, Cybersecurity & GRC Services, HCLTech. Global enterprises are at an exciting new threshold of possibilities in the new normal. As remote work ...

Mitigating Controls for Cloud-Native Applications: Why You Need Them
Published: 01/17/2023

Originally published by Tigera. Written by Phil DiCorpo, Tigera. Fixing vulnerabilities can be hard—especially so for cloud-native applications. Let’s take a deeper look at why this is, and how mitigating controls can help secure your cloud-native applications.Vulnerabilities are like earthquakes...

Pipeline Sprawl in DevOps: It’s a Thing
Published: 01/13/2023

Originally published by Dazz. Written by Tomer Schwartz, Co-founder & CTO, Dazz. CI/CD pipeline sprawl is happening faster than you can rein it inCompanies are developing software in the cloud in a big way. Under the umbrella of digital transformation, and driven by customer expectations and comp...

How to Improve Your Kubernetes Security Posture
Published: 01/03/2023

Originally published by Sysdig. Written by Alba Ferri, Sysdig. KSPM or Kubernetes Security Posture Management refers to the security state and capabilities in place to manage the defense of the Kubernetes clusters and the workloads running on top of it. It also includes how well it can predict, p...

Make Cloud Defense a Team Sport by Turning DevOps into a Force Multiplier
Published: 12/19/2022

Originally published by CrowdStrike. Written by David Puzas, CrowdStrike. Enterprises are embracing cloud-native applications in the name of business agility. These applications enable developers to take advantage of the cloud’s scalability and flexibility, allow customers and developers to benef...

The Role Of ITSM In The Cloud, DevSecOps, And Container Era
Published: 12/09/2022

Written by Sandeep Shilawat, Cloud and IT Modernization Strategist, ManTech. Originally published by Forbes. Over the last two decades, ITIL has become the de-facto industry standard for managing IT services. IT service management tools and processes were developed and implemented to execute ITIL...

What Is eBPF and What Are Its Use Cases?
Published: 12/08/2022

Originally published by Tigera. Written by Reza Ramezanpour, Tigera. With the recent advancements in service delivery through containers, Linux has gained a lot of popularity in cloud computing by enabling digital businesses to expand easily regardless of their size or budget. These advancements ...

IBM Cost of a Data Breach 2022 – Highlights for Cloud Security Professionals
Published: 12/02/2022

Originally published by Ermetic. Security professionals are constantly inundated with warnings about the potentially colossal impact of security threats and risks to their organization. But what is colossal in real currency? By understanding how much the cost of a data breach can impact one's org...

Definitive Guide to Hybrid Clouds, Chapter 2: Exploring the Roles of NetOps, CloudOps, and SecOps
Published: 12/01/2022

Originally published by Gigamon. Written by Stephen Goudreault, Gigamon. This post explores Chapter 2 of the “Definitive Guide™ to Network Visibility and Analytics in the Hybrid Cloud.” Read Chapter 1 and check back for future posts covering Chapters 3–7. As more organizations move forward with t...

Altruism in Information Security? (Part 1 of 3)
Published: 11/14/2022

Originally published by Tentacle. Written by Matt Combs, Tentacle. Altruism and Information Security; two terms not commonly used together - the first term not often used to describe the foundational philosophy of the latter. Altruism is ideological; a desired state of the ultimate do-gooder who...

2022 Threat Report: Cloud-Native Threats are Increasing and Maturing
Published: 11/04/2022

Originally published by Sysdig. Written by Michael Clark. Sysdig. The first annual cloud-native threat report from Sysdig explores some of the year’s most important security topics in the cloud. As the use of containers and cloud services keeps growing, threat actors are increasingly turning thei...

A Practical Guide to Container Networking
Published: 11/03/2022

Originally published by Tigera. Written by Reza Ramezanpour, Tigera. An important part of any Kubernetes cluster is the underlying containers. Containers are the workloads that your business relies on, what your customers engage with, and what shapes your networking infrastructure. Long story...

The String (Cheese) Theory of Zero Trust
Published: 10/19/2022

Originally published by CXO REvolutionaries here. Written by Martyn Ditchburn, Director of Transformation Strategy, Zscaler. I regularly get asked, “How did you drive the change from the traditional data center and legacy architecture to a new paradigm of 100% cloud, DevNetSecOps, and zero trust ...

26 AWS Security Best Practices to Adopt in Production
Published: 10/11/2022

Originally published by Sysdig here. Written by Alejandro Villanueva, Sysdig. One of the most important pillars of a well-architected framework is security. Thus, it is important to follow these AWS security best practices to prevent unnecessary security situations. So, you’ve got a problem to so...

Facing the Shift-Left Security Conundrum. A True Story
Published: 10/06/2022

Originally published by Ermetic here. Written by Diane Benjuya, Ermetic. There was a time when developers and security teams did not, er, get along. Friction reigned as each struggled to meet their own needs. Security teams forewarned of data breaches, DevOps forewarned of development slowdowns a...

Cloud DNS Security – How to Protect DNS in the Cloud
Published: 09/28/2022

Originally published by Sysdig here. Written by Brett Wolmarans, Sysdig. When using DNS in the Cloud, security cannot be overlooked. This article is for cloud architects and security practitioners who would like to learn more about deployment options for DNS security and some security best practi...

Do You Really Need a Service Mesh?
Published: 09/22/2022

Originally published by Tigera here. Written by Phil DiCorpo, Tigera. The challenges involved in deploying and managing microservices have led to the creation of the service mesh, a tool for adding observability, security, and traffic management capabilities at the application layer. While a serv...

Your Cloud Footprint is Growing: Here’s How to Scale Cloud Governance
Published: 09/14/2022

Written by Umair Khan, Marketing Director, Stacklet For today’s businesses, cloud footprints have grown—and keep getting larger. Increasingly, that means many teams and departments are running implementations across multiple cloud providers, services, and regions. From a cloud governance or polic...

Why Securing Internet-Facing Applications is Challenging in a Kubernetes Environment
Published: 09/08/2022

Originally published by Tigera here. Written by Ratan Tipirneni, Tigera. Internet-facing applications are some of the most targeted workloads by threat actors. Securing this type of application is a must in order to protect your network, but this task is more complex in Kubernetes than in traditi...

GitOps and Shift Left Security: The Changing Landscape of DevSecOps
Published: 09/07/2022

Originally published by CrowdStrike here. Written by David Puzas, CrowdStrike. Application developers have always had a tricky balance to maintain between speed and security, two requirements that may often feel at odds with each other. Practices that increase speed also pressure development team...

Browse by Topic
Write for the CSA blog
Submit your blog proposal

Sign up to receive CSA's latest blogs

This list receives 1-2 emails a month.