System architects (the IT professionals who design platforms and infrastructures) have lots of things to think about when they do their work. Performance and availability are essential considerations. So are legacy compatibility, future-proofing, and scalability. Security wasn’t always high on the list of priorities for system architects. Traditionally, security was someone else’s job. But that has changed.
A multi-cloud infrastructure is any type of IT infrastructure that mixes a public or private cloud with at least one other type of environment. Hybrid clouds, which combine public or private cloud infrastructures with an on-premises environment, are one example of a multi-cloud infrastructure. Companies that choose to use more than one public cloud (such as AWS and Azure) at once are also relying on a multi-cloud infrastructure.
Container registry security is easy to overlook. But you fail to secure container registries at your peril. This is true whether you use containers from public registries, private registries, or both. Your container ecosystem is only as secure as its least secure container — and that container’s security depends, in part, on the registry from which you pulled the original container image. Why is this true? We’ll explain in this post.
In a perfect world, every organization would have a dedicated team of IT security experts whose sole mission was to enforce security best practices and address vulnerabilities across all layers of the organization. These people would spend their days making sure the code developers write is as secure as possible, checking and double-checking access control configurations, scanning container images for the least sign of trouble, and keeping the DDoS botnets at bay.
With dozens of Kubernetes distributions available, deploying Kubernetes is easier than ever. What can be trickier is keeping Kubernetes secure. Despite what you might think, many Kubernetes distributions are not as secure as they could be out of the box. And even if they are, there’s always more you can do to improve security.
The Twistlock for Pivotal Cloud Foundry® (PCF) tile is now generally available. Customers are running our tile in their production environments. Get the Twistlock for PCF tile from the Pivotal Network to try it out.
Docker has been around for six years. In that time, lots of ink has been spilled (or pixels fired) about container security. A lot of the articles out there on container security are still helpful. But the fact is that Docker (and the broader stack of tools that you now use to deploy containers) has evolved substantially over the past six years. A list of container security tips from three or four years ago may no longer be relevant today.