In today’s rapidly evolving digital landscape, ensuring robust security in cloud DevSecOps is more crucial than ever. Yet, a growing disconnect between executives and frontline “doers” poses significant challenges. Join JFrog and AWS for an insightful webinar where we’ll delve into the findings of JFrog’s Software State of the Union

The post Unified Security: Connecting Executives and Engineers in Cloud DevSecOps appeared first on Cloud Native Now.

A global survey of 600 DevOps, engineering and security professionals finds more than two-thirds (67%) reporting their organization has delayed or slowed application development as a result of security concerns. Conducted by Red Hat, the survey also found 89% reported at least one related security incident during the last 12

The post Survey Surfaces Cloud-Native Application Security Challenges appeared first on Cloud Native Now.

Development teams should prioritize application security testing, whether their applications are monoliths or containerized.

The post App Security Testing in Containerized Environments: Tips and Tricks appeared first on Cloud Native Now.

AppViewX today launched an automated certificate life cycle management platform for Kubernetes environments.

The post AppViewX Unfurls Certificate Life Cycle Management Platform for Kubernetes appeared first on Cloud Native Now.

Using the cloud means you can focus on your application and use a third party for most of your infrastructure. The cloud provides virtual interfaces that abstract away the details of operating infrastructure. That’s great for convenience, but what about security? Who is responsible for keeping your cloud-native application safe

The post Principle of Shared Responsibility in Cloud-Native Applications appeared first on Cloud Native Now.

In a previous article, we discussed keeping microservices secure, even from themselves. But what else can you do to keep your application free of vulnerabilities that could be exploited by bad actors? While there are many things you can do, one of the most essential is to understand who in

The post Just-in-Time Permissions in Microservices-Based Applications appeared first on Cloud Native Now.

At the KubeCon + CloudNativeCon Europe 2022 conference, Oxeye today announced general availability of its Cloud Native Application Security Testing (CNAST) tool to pinpoint vulnerabilities in microservices-based applications. The Oxeye platform requires developers to download an observer tool that is deployed in a single container and scans code for vulnerabilities

The post Oxeye Delivers CNAST Tool to Better Secure Microservices appeared first on Cloud Native Now.

It seems like you can’t talk about application security today without mentioning “shifting left.” This phrase refers to bringing security into the ‘left’ side of the software development life cycle and testing for vulnerabilities while code is being developed instead of after it is live in production. And while this

The post 3 Reasons Teams Struggle to Shift Security Left appeared first on Cloud Native Now.

Many enterprise IT organizations today rely on traditional security policies and tools that were not built to deal with the change, scale and complexity of cloud-native environments. While it’s hard to believe, for many organizations, security is an afterthought. The rise of DevSecOps helped to shift container security left, but

The post 4 Pillars of Cloud-Native Security appeared first on Cloud Native Now.

Governments across the world have realized that to get out of lockdowns while also avoiding a “second peak” from COVID-19, testing and contact tracing are critical. Like other European nations, the UK has decided that a smartphone app will be an important part of its contact tracing program. Although details

The post Kubernetes: The Underpin of UK’s COVID-19 Contact Tracing? appeared first on Cloud Native Now.