The latest News and Information on Containers, Kubernetes, Docker and related technologies.
Authorization to Operate (ATO) in a day and on-going authorization are compliance nirvana. The ATO is the authorizing official’s statement that they accept the risk associated with the system running in production environments using live business data. The idea that all of the information necessary to make a risk decision is at hand and can be consumed by decision makers is what every compliance program is trying to achieve.
Whether you sat out this KubeCon or were too busy working the hallway track to make it to all the sessions on your list, never fear. You can catch up on all the talks given by Grafanistas here.
Last week’s container event of the year, KubeCon, hosted by the Cloud Native Computing Foundation, attracted more than 12,000 attendees to the San Diego convention center. While there, I attended numerous sessions but I also spent a good portion of time chatting with DevOps professionals, Kubernetes practitioners, and vendors to understand the practicalities behind deploying and managing containerized workloads and microservices.
Joe Elliott, a backend engineer at Grafana Labs, took the stage in front of a packed house at KubeCon + CloudNativeCon in San Diego to demonstrate a few of the tricks he uses to debug applications live in Kubernetes. The goal is to increase your knowledge of applications in the production environment. Elliott’s techniques are framework agnostic and Linux-specific, and they are most useful in situations where you have a known type of problem and application.
In this blog post you’ll learn how to set up image vulnerability scanning for AWS CodePipeline and AWS CodeBuild using Sysdig Secure DevOps Platform. AWS provides several tools for DevOps teams: CodeCommit for version control, CodeBuild for building and testing code, and CodeDeploy for automatic code deployment. The block on top of all these tools is CodePipeline that allows them to visualize and automate these different stages.
As container adoption in AWS takes off, ECR scanning is the first step towards delivering continuous security and compliance. You need to ensure you are scanning your images pulled from AWS ECR for both vulnerabilities and misconfigurations so that you don’t push applications running on AWS that are exploitable.
Cloud teams are increasingly adopting AWS container services to deliver applications faster at scale. Along with the roll out of cloud native architectures with containers and orchestration, what’s needed to stay on top of the security, performance and health of applications and infrastructure has shifted. At Sysdig, we’ve worked with Amazon to provide tools and integrations that help secure your Cloud Native workloads deployed across all AWS container services.
Developing for Google Cloud Run in a hybrid system managed by Anthos isn’t a solo race, it’s a relay between cloud and on-prem. To win, you’ll need an advanced Docker registry that can swiftly pass your containers for Cloud Run functions from one environment to the next. In our example hybrid architecture, you’ll see how JFrog Container Registry can be that reliable relay partner.
