Operations | Monitoring | ITSM | DevOps | Cloud

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

The Crossroad of Security & Observability in Kubernetes: A Fireside Chat

Security as an afterthought is no longer an option and must be deeply embedded in the design and implementation of the products that will be running in the cloud. It is increasingly more critical for many security teams to be almost, if not equally, knowledgeable of the emerging and rapidly evolving technology. Join Manish Sampat from Tigera, as explores the topic in detail with Stan Lee from Paypal.

Ensuring adequate security, observability, & compliance for cloud native applications

Containers, Microservices, and cloud-based applications have revolutionized the way companies build and deliver products globally. This has also changed the attack surface and requires very different security strategies and tools to avoid exposure to sensitive information and other cyber attacks. Regulatory compliance has also evolved making it ever so important for companies to adapt to this new paradigm.

3 ways to improve your enterprise IT security

You’ve undoubtedly heard the saying, “A chain is only as strong as its weakest link.” The same idea applies to your IT systems. They’re only as secure as their weakest vulnerability. No organization wants to fall victim to a cyberattack. These three ServiceNow webinars will help prepare you to boost your enterprise IT security and, ultimately, safeguard your business.

Upgrading DevSecOps with compliance automation - Bryan Langston, Mirantis

Compliance automation is a commonly overlooked area of Kubernetes observability. The question is: how do you automate compliance to a security framework that isn’t well understood by DevSecOps teams to begin with? This lack of understanding contributes to mismanaged compliance efforts and in a worst-case scenario, audit exposures and organizational risk. This talk will walk through an example of how to 1) map compliance controls to specific Kubernetes technical configuration 2) automate the assessment of those controls 3) visualize the assessment results. DevSecOps teams will better understand how to incorporate compliance automation alongside security automation.

Building secure and observable Kubernetes platforms for scaled software delivery

"Companies of various sizes are building their applications on Kubernetes because it provides significant operational benefits like autoscaling, self-healing, extensibility, and declarative deployment style. However, the operational benefits are only a starting point down the path of building a secure and observable platform that enables the continuous delivery of application workloads. This session shows how to build a fully operational platform, leveraging platform-oriented building blocks to address network security and observability.

Exploring intrusion detection techniques in cloud native environments - Garwood Pang, Tigera

As more production workloads migrated to the cloud, the need for Intrusion Detection Systems(IDS) grew to meet compliance and security needs. With the number of workloads in each cluster, IDS needs to be efficient to not take up the shared resources. Techniques such as packet inspection and web application firewalls provide a solid defense against threats and by leveraging the cluster's network control pane, we are able to selectively choose vulnerable workloads and provide an easy way to trace back to the origin of the attack.

Service Mesh, Observability and Beyond - Sheetal Joshi, AWS

Congratulations! You’re now cloud-native with microservices. No more legacy monoliths. However, troubleshooting takes time, debugging is difficult, and security is scary. How can you scale your organization without losing an understanding of your environment? Services mesh is here to help! It gives you the observability of connected services and is easier to adopt than you might think. Come and learn service mesh concepts, best practices, and key challenges.

Kubernetes Observability & Troubleshooting: Best Practices - Raj Singh, Box

Early adoption of Kubernetes came with its set of challenges for Box, that led to innovative solutions & learnings. In this session, the speaker will take you through some of those solutions around Kubernetes Observability & best practices which will make your Kubernetes journey easier.