Cryptojacking gained prominence in 2017 when browser-based mining made the exploitation of systems to produce cryptocurrency without the permission of users possible. Ever since, cloud-native environments have had to be on guard against this threat. But cryptojacking can be an overlooked threat. It’s not a risky unknown, like a Zero Day threat. And it’s often […]

Cloud migration security isn’t just about securing data in transit or ensuring compliance (those are foundational parts of a successful migration). It’s about mitigating deep, systemic risks that arise when shifting workloads from on-prem to cloud. That means that cloud migration security is not a one-time checklist but a strategic shift in visibility, control, and […]

Apps and their dependencies don’t run on their own — they need container runtimes to help power their execution by providing the right environment, resource management, and lifecycle operations for containers. While we’ve covered container runtimes and container runtime security, we haven’t looked at a foundational component of containers themselves — the Container Runtime Interface […]

There are a variety of approaches to workload security, ranging from zero-trust to network segmentation, agents or agentless – and more. Cloud workloads need securing, but the details of how to achieve a secure environment best, without standing in the way of agile development, make the roadmap to workload security less than direct.  We’re breaking […]

We’ve talked about container runtime security, but not all runtime security involves containers. In this article, we’re broadly exploring runtime security on its own, asking questions like: Is it effective in hybrid and multi-cloud environments? How can you integrate it into your larger security stack? Is it possible to get more out of runtime security […]

Running containers on Amazon Web Services (AWS) offers flexibility and scalability for modern application architectures, but it also introduces unique security, management, and compliance challenges. We’ve already discussed unique aspects of AWS container security. In this article, we take a broader view of the unique features of AWS containers that you need to know about […]

Sure, teams know they should be patching quickly. But patches aren’t always available for brand-new vulnerabilities, leaving teams to wonder whether it’s practical to try to prevent these zero-day attacks. After all, zero-day attacks involve, by definition, vulnerabilities that have never been seen before and that organizations don’t know exist. We’ve already looked at what […]

With the wide adoption of containerized applications, there’s an increasing demand for solutions that simplify container management in cloud environments. Amazon Web Services (AWS) Fargate aims to fill this gap by offering a serverless computing platform that streamlines container deployment without requiring developers to manage the underlying infrastructure. While AWS Fargate can make life easier […]

Since the mid-2010s, teams have increasingly managed security tasks alongside development. The emergence of DevSecOps has helped organizations shift security left and incorporate security earlier in the development process, though that approach hasn’t always helped with agility and scaling. We’re looking at what secure SDLC solutions look like, including their real-world challenges.  What is SDLC? […]