In the 20th century we were programmers. In the 21st century, developers. With the massification of telecommunications worldwide, operators began to help us in our work. That’s where the term DevOps (“developers” and “operations”) arose, which implies the concept of collaboration of both teams. But since change is the only constant, other practical considerations have forced us to see the entire forest instead of just a few trees.

We’ve discussed Magecart very frequently in recent months and it’s getting worse, with new attacks coming to light on a weekly basis. At RapidSpike, we are committed to raising exposure on these types of attacks and educating companies as to how they can effectively detect data breaches and reduce their exposure to them.

This is the third of a series of three articles focusing on Kubernetes security: the outside attack, the inside attack, and dealing with resource consumption or noisy neighbors. A concern for many administrators setting up a multi-tenant Kubernetes cluster is how to prevent a co-tenant from becoming a “noisy neighbor,” one who monopolizes CPU, memory, storage and other resources.

Over the last year, along with Kubernetes, Serverless computing platforms have acquired tremendous mindshare among the development community. As Serverless implementations begin to proliferate, I want to make the case that there are tremendous synergies to be gained by bringing both these paradigms together. Some of these benefits have been covered in previous posts. The majority of enterprises are embarking on their DevOps journey. Scaling such processes across a large enterprise is complicated.

Hi all! I am a part of the architecture team at Avito.ru, one of the world’s top classifieds (read more about Avito here). In this post I want to share our experience in implementing kubernetes at scale. Kubernetes is a powerful orchestration tool that helps us manage dozens of microservices, support robust and fast deploy. It’s really cool that we don’t have to manage resources manually, think about service discovery and so on.

A new monthly feature blog on all things Magecart going on in the news. This summary gives you all the known facts about data breaches reported in the news as well as an insight from our own RapidSpike Security Researcher.

In the new report, “Analytics is making its security operations mark ahead of schedule,” analyst firm 451 Research details the accelerating transition happening in the security information and event management (SIEM) space. The report underscores how new cloud-native analytics solutions are displacing traditional SIEMs at the heart of the defense.

Amazon S3 is an object storage service widely used for storing many different types of data in the cloud. While it’s inexpensive and easy to set up and maintain S3 buckets, it’s also very easy to overlook S3 security aspects and expose them to malicious attacks. A typical example is accidentally allowing public access to S3 files. Several recent high-profile data breaches were caused by lax S3 security.

An emerging use case for containerized platforms has been the ability to deploy applications in what is termed as an air-gapped deployment. This deployment pattern is particularly pronounced around edge computing (more on that later in the blog series) – though there exist significant differences between edge clusters and air-gapped deployments. Air-gapped applications are those that run isolated from datacenter or internet connectivity.

Calico provides users flexibility by detecting and choosing the right tool for the right job. One of our core values at Tigera is Our customer is the hero of our story. We consider the OpenSource users of Project Calico our customers and we intently listen to their needs to continuously deliver new capabilities and enhanced performance.