SAST tool selection - integrations

SAST tool selection – tips to pick the right one for you

Every organization which treads security as a top priority needs a Static Application Security Testing (SAST) tool. Run this tool against every software application before you push out new versions to...
How to migrate Kubernetes Pod Security Policy (PSP) using OPA and Styra DAS

How to migrate Kubernetes Pod Security Policy (PSP) using OPA and Styra DAS

The Kubernetes Pod Security Policy (PSP) was one of the first reliable security controls introduced by Kubernetes. It was an Admission Controller that simply checked whether or not the Pods being...
Nomad 1.1

Announcing General Availability of HashiCorp Nomad 1.1

Nomad is one of Hashicorp’s products that I feel more people should take a look at. It offers a viable alternative or even a supplement to Kubernetes in that it orchestrates...
Why Simple CICD reduces Friction and makes devs happy

Why Simple CI/CD reduces Friction and makes devs happy

For software development teams, one of the most important factors of an efficient and successful development process is frictionless CI/CD. While simple CI/CD reduces friction, getting to a point of 'simple'...
GitLab 2021 Global DevSecOps Survey

DevSecOps is not easy, but it is moving forward

DevSecOps is not easy but it is moving forward For the fifth year in a row, GitLab on May 4 2021 releases the DevSecOps report. The report is drawn up by requesting...
Boundary 0 2 enters its truculent twos

Boundary 0.2 enters its truculent twos

Hashicorp has had a busy week, with the release of their latest version of Vault, on their Cloud platform as a managed service, the release to GA for version 0.15 of...
Security for containers, Kubernetes, and Cloud with Sysdig

Security for containers, Kubernetes, and Cloud with Sysdig

Security for containers, Kubernetes, and Cloud. This is the catchphrase presented prominently on the Sysdig website, a tool that supports the implementation of DevSecOps. This article provides an overview of the...
What-is-Cloud-Native

What is Cloud-native?

Clouds. Love or hate them, but they are here to stay. Private, Public, Hybrid, Multi-Cloud. So many buzz words abound in this particular technology space that you could have two games...

Identity-Based micro-segmentation boosts cloud security

Companies increasingly execute cloud-first strategies for their core business applications. Some organizations even put a deadline on when they want to close down their data-center in the near future. DevOps teams...
Terraform Cloud Operator for Kubernetes is now GA

Terraform Cloud Operator for Kubernetes is now GA

HashiCorp has moved to production the Terraform Cloud Operator for Kubernetes in Terraform Cloud. This product was first announced in March 2020 as an alpha product. At the time they stated...