ISO 27001:2013 compliance with Sysdig Secure

The ISO 27001 certification can make a difference when your business is tied to deploying cloud-native applications. Providing relevance and credibility in front of potential customers will show that your company takes security seriously, ensuring the client’s trust. We previously covered other compliance frameworks in our blog, like GDPR, HIPAA, NIST, and SOC 2. Those frameworks also show a strong commitment to security best practices.


Container security best practices: Comprehensive guide

Sticking to container security best practices is critical for successfully delivering verified software, as well as preventing severe security breaches and their consequences. According to the 2020 CNCF Survey, 92 percent of companies are using containers in production, a 300 percent increase since 2016. Thus, Kubernetes, OpenShift, and other container technologies are present everywhere. But aren’t containers meant to be safe and isolated? Well, kind of.


The Power of Data: Calendar-based Policy Enforcement

A problem that is often discussed in the context of policy-as-code is how to get more people other than developers involved in policy authoring. Policy as code is still code, and while tooling and abstractions can help to some extent, the process still involves at least some level of development knowledge.


Kubernetes Security Frameworks - Quick Comparison

The challenge of administering security and maintaining compliance in a Kubernetes ecosystem is typically the same: an increasingly dynamic, changing landscape, be it new approaches to cyberattacks or adherence to changing regulations. Kubernetes security requires a complex and multifaceted approach since an effective strategy needs to: Though security and compliance are often mistaken as two separate requirements, their objectives are the same.


Kong Mesh and Styra DAS - securing modern cloud-native applications

Back at KubeCon North America 2017, many speakers declared that 2018 would be “The Year of the Service Mesh”. Just a year later, in the 2019 CNCF Survey [1], it was reported that 18% of surveyed organizations were using a service mesh in production, and by 2020 [2] (the most recent survey published at the time of this writing) that number rose to 27%.

Utilizing Upbound Crossplane and Styra DAS to Set Policy Across a Modern Technology Stack

Upbound Crossplane with Styra Declarative Authorization Service (DAS) allows developers to elegantly provision infrastructure while preventing insecure configuration. Crossplane applied to Kubernetes with Open Policy Agent (OPA) and Styra DAS can efficiently and effectively apply policy for centralized code and enforcement.

Applying Least Privilege in Kubernetes II Jonathan Canada

Scalability and Cloud-Native have driven the demand for Kubernetes, but the developer now has the harder task of building applications in a secure manner. This talk will focus on best practices for implementing least privilege and enforcing zero trust principles within Kubernetes clusters. A how-to for implementing robust Role Based Access Control (RBAC) tied into the corporate SSO/Identity provider using Teleport.

"Chain"ging the Game - how runtime makes your supply chain even more secure

There is a lot of information out there (and growing) on software supply chain security. This info covers the basics around source and build, but does it cover your full software supply chain lifecycle? Is your build environment protected at runtime? Is your application protected at runtime after deployment? This article will not only discuss what these concepts are, but provide additional discussions around the following: Read on, brave reader…


Styra Declarative Authorization Service Expands Service Mesh Use Case

We are thrilled to announce native support of Kong Mesh, Istio and Kuma within Styra Declarative Authorization Service (DAS), enabling users to combine stellar service mesh solutions with the only authorization management platform that supports trusted cloud architecture. Styra DAS allows teams to manage policies across a broad spectrum of systems, like Kubernetes, microservices, public cloud, and more.