Cloud 101
Circle
Events
Blog

Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Industry Insights
How To Secure S3 Buckets Effectively
Published: 07/14/2022

This blog was originally published by Panther here. Written by Kartikey Pandey, Panther. Six supercharged tips to reduce S3 bucket-related threats and ensure ‘water-tight’ cloud securityWhen it comes to AWS security, S3 buckets are undeniably the most vulnerable aspect of it all. Misconfigured S3...

How to Secure Kubernetes Ingress?
Published: 07/13/2022

This blog was originally published by ARMO here. Written by Ben Hirschberg, VP R&D & Co-founder, ARMO. Ingress aims to simplify the way you create access to your Kubernetes services by leveraging traffic routing rules that are defined during the creation of the Ingress resource. This ultimately a...

Shift Left is Only Part of Secure Software Delivery
Published: 07/11/2022

This blog was originally published by Sysdig here. Written by Anna Belak, Sysdig and Effi Goldstein, Snyk. We’re living in the age of accelerated consumption and delivery. You can get a seemingly infinite selection of products delivered to your door within two days, for free, from thousands of mi...

Why You Need Application Security Testing for Business-Critical Applications: Part 3
Published: 07/08/2022

This blog was originally published by Onapsis here. In this five part blog series, we discuss the importance of building secure business-critical applications with application security testing. In part one, we shared that while speed is the driving force behind application development, on-time ap...

Definitive Guide to Kubernetes Admission Controller
Published: 06/30/2022

This blog was originally published by ARMO here. Written by Leonid Sandler, CTO & Co-founder, ARMO.What is Kubernetes Admission Controller?Kubernetes Admission Controller is an advanced plugin for gating and governing the configuration changes and workload deployment in a cluster. Admission Contr...

What a More Holistic Approach to Cloud-Native Security and Observability Looks Like
Published: 06/27/2022

This blog was originally published by Tigera here. Written by Laura Ferguson, Tigera. The rise of cloud native and containerization, along with the automation of the CI/CD pipeline, introduced fundamental changes to existing application development, deployment, and security paradigms. Because clo...

What to Look for in a CNAPP Solution
Published: 06/24/2022

Written by Aqua Security. As large-scale cloud native deployments become more prevalent, enterprises are trying to bring greater efficiency and speed to cloud native security. To do this, they’re moving to shift security left, implementing intelligent automation, cloud security posture management...

How to Secure Kubernetes Pods Post-PSPs Deprecation
Published: 06/17/2022

This blog was originally published by ARMO here. Written by Amir Kaushansky, VP Product, ARMO. Kubernetes pods are the basic building blocks of Kubernetes. It's managing one or more tightly coupled application containers allowing them to share resources and networks. Pods are hosted on nodes, whi...

Why You Need Application Security Testing for Business-Critical Applications: Part 2
Published: 06/10/2022

This blog was originally published by Onapsis here.In this blog series, we discuss the importance of building secure business-critical applications with application security testing. In part one, we shared that while speed is the driving force behind application development, on-time application d...

Critical AppSec Capabilities That Accelerate Cloud Transformation
Published: 06/06/2022

Written by Sujatha Yakasiri, CSA Bangalore Chapter and Stan Wisseman, CyberRes Cloud Technology is one of the fastest-growing technologies across the globe these days. Cloud adoption by organizations has increased exponentially especially during the covid-19 outbreak due to remote working culture...

Cloud Security Terms You Need to Know
Published: 06/04/2022
Author: Nicole Krenz

As more companies are migrating to the cloud, security must remain at the forefront of everyone’s minds. Regardless of your job title, industry, or technical knowledge, the topic of cloud security is necessary. Explore the following terms to stay up-to-date with and gain a baseline knowledge of t...

Secure Software Supply Chain: Why Every Link Matters
Published: 05/23/2022

This blog was originally published by Sysdig here. Written by Álvaro Iradier, Sysdig. The new threats in software development are not only related to the specific company itself. The whole software supply chain is a target for attackers and it is really important to make sure that we put all our ...

Getting Started with Kubernetes Ingress
Published: 05/23/2022

This blog was originally published by ARMO here. Written by Ben Hirschberg, VP R&D & Co-founder, ARMO. Kubernetes Ingress is one of today’s most important Kubernetes resources. First introduced in 2015, it achieved GA status in 2020. Its goal is to simplify and secure the routing mechanism of inc...

The One Cloud Threat Everyone Is Missing
Published: 05/19/2022

Blog originally published at fugue.co on April 22, 2022. Written by Josh Stella, Chief Architect at Snyk. Ask security professionals to name the biggest threat to their organizations’ cloud environments, and most won’t hesitate to give a one-word answer: misconfigurations. Technically, t...

Introducing Data Security Posture Management (DSPM) Platform
Published: 05/18/2022

This blog was originally published by Polar Security here. Written by Nimrod Iny, Polar Security. You’re a cloud-based company, your entire business model relies on cloud data and your cloud environment is VERY precious to you, correct? That’s why you invest all of your resources into protecting ...

Container Security Best Practices
Published: 05/10/2022

This blog was originally published by Sysdig here. Written by Álvaro Iradier, Sysdig. Sticking to container security best practices is critical for successfully delivering verified software, as well as preventing severe security breaches and its consequences.According to the 2020 CNFC Survey, 92 ...

Ultimate Guide to Observability: What It Is and How to Do It Well
Published: 05/06/2022

This blog was originally published by Contino here. Written by Matthew Macdonald-Wallace, Contino. The complexity of software systems is ever increasing; organisations need to invest in ensuring that their systems are operable.In this blog, we’re taking a deep dive into observability: what it is,...

The Five Universal Fundamentals for Securing Your Cloud
Published: 05/06/2022

This blog was originally published on fugue.co on April 7, 2022.Written by Josh Stella, chief architect at Snyk. The word “misconfiguration” can seem quite innocuous — an innocent mistake that’s easy to fix, like putting your car into drive while the parking brake is still engaged. You quickl...

Kubernetes Version 1.24: Everything You Should Know
Published: 04/29/2022

This blog was originally published by ARMO here. Written by Amir Kaushansky, ARMO. The first Kubernetes release of 2022 will be released on May 3rd. The new release, version 1.24, is full of enhancements, new features, and bug fixes.We’ve written this post so you can adjust your Kubernetes resour...

5 Benefits of Detection-as-Code
Published: 04/27/2022

This blog was originally published by Panther here. Written by Kartikey Pandey, Panther. How modern teams can automate security analysis at scale in the era of everything-as-code.TL;DR: Adopt a modern, test-driven methodology for securing your organization with Detection-as-Code.Over the past dec...

Browse by Topic
Write for the CSA blog
Submit your blog proposal

Sign up to receive CSA's latest blogs

This list receives 1-2 emails a month.