Containers

Meeting PCI DSS Network Security Requirements in Kubernetes Environments

Compliance standards such as PCI DSS have assumed that traditional characteristics and behaviors of the development and delivery model would continue to be constant going forward. With the Container/Kubernetes revolution, that set of assumptions is no longer entirely correct. Attend this webinar and learn about what’s changed, how those changes weaken your compliance and control environment, and what you can do to adjust to the new reality.

How To Extend Firewalls to Kubernetes to Stop Breaking Existing Security Architectures

Security teams use firewalls to secure their production environments, often using a zone-based architecture, and Kubernetes does not deploy well to that architecture. Application teams are launching new business-critical applications on Kubernetes and are aggressively moving to production. A clash is bound to happen.
sysdig

Integrating Gitlab CI/CD with Sysdig Secure

In this blog post we are going to cover how to perform Docker image scanning on the Gitlab CI/CD platform using Sysdig Secure. Container images that don’t meet the security policies that you define within Sysdig Secure will be stopped, breaking the build pipeline before being pushed to your production Docker registry.

panopta

Monitoring Kubernetes with Panopta

Kubernetes, Google’s open-source container management platform, offers one of the most robust toolsets for facilitating container configuration and automation. However, the level of abstraction that is native to Kubernetes presents a lot of challenges to monitoring and, while the level of abstraction and auto-scaling Kubernetes offers is incredibly powerful, without proper monitoring, it can create even larger pain points for your team and customers.

tigera

Getting started with Jaeger to build an Istio service mesh

Service mesh provides a dedicated network for service-to-service communication in a transparent way. Istio aims to help developers and operators address service mesh features such as dynamic service discovery, mutual transport layer security (TLS), circuit breakers, rate limiting, and tracing. Jaeger with Istio augments monitoring and tracing of cloud-native apps on a distributed networking system.

cloudhedge

Automated Containerization of Apps Using CloudHedge

Well, the answer is yes and no. Containerization is a relatively new technology and needs significant efforts to containerize an application, orchestrate, secure, manage and monitor it. Hence it’s worth looking at what does it take to containerize, deploy and run an application in real production in bit details for you to take a call whether you want to venture into it yourself or not.

victorops

Container Monitoring and Alerting Best Practices

With the agility of modern development practices and infrastructure comes a new set of challenges – namely, that applications consist of more parts, and the relationship between infrastructure and code is much tighter. In this post, I will discuss the monitoring and alerting considerations that IT needs to think about for modern applications running on containers.