Kubernetes continues to be a popular platform for deploying containerized applications, but securing Kubernetes environments as you scale up is challenging. Each new container increases your application’s attack surface, or the number of potential entry points for unauthorized access. Without complete visibility into every managed container and application request, you can easily overlook gaps in your application’s security as well as malicious activity.

This is everything you need to know about FlashDrive, and how it can help you reduce your infrastructure costs while improving your applications' responsiveness and overall quality. FlashDrive is a Docker cloud hosting service constituted in a network of high availability clusters located in North America and Europe. To completely understand what FlashDrive is and how it can help you, let's first talk about the Docker cloud, containers, and the purpose of containerization.

Cloud computing sometimes spoils one with choices. Let's just take a look at a couple of common cloud services. You can use cloud services to deploy and scale web and mobile apps besides monitoring them. AWS and Heroku provide cloud computing resources. AWS is from Amazon, while Heroku is from Salesforce. In this article, let us see which one is better to use from the start-up perspective.

On a given month, we get 1/3rd of requests for modernizing AIX workloads, and that’s perfectly fine because though it’s not a widely used platform there are still thousands of businesses running their mission-critical apps on AIX. Modernizing AIX workloads is a challenging task, and the next question that comes to your mind is where do you start.

CVE-2020-8554 is a vulnerability that particularly affects multi-tenant Kubernetes clusters. If a potential attacker can create or edit services and pods, then they may be able to intercept traffic from other pods or nodes in the cluster. An attacker that is able to create a ClusterIP service and set the spec.externalIPs field can intercept traffic to that IP. In addition, an attacker that can patch the status of a LoadBalancer service can set the status.loadBalancer.ingress.ip to similar effect.

Like pretty much every company in 2020, Civo has had to deal with some unexpected world events! To wrap up the year, I thought I'd put together some of the most significant developments in our company from a CTO's perspective, and how they will affect us looking forward into the next year.

A few weeks ago a solution engineer discovered a critical flaw in Kubernetes architecture and design, and announced that a “security issue was discovered with Kubernetes affecting multi-tenant clusters. If a potential attacker can already create or edit services and pods, then they may be able to intercept traffic from other pods (or nodes) in the cluster.” If a hostile user can create a ClusterIP service and set the spec.externalIP field, they can intercept traffic to that IP.

Welcome to another monthly update on what’s new from Sysdig. Our team continues to work hard to bring great new features to all of our customers, automatically and for free!

Coveralls is a web service that allows users to track the code coverage of their application over time in order to optimize the effectiveness of their unit tests. Once you are managing your application and associated resources within a CI/CD platform like Codefresh, you want to receive insights on the test coverage automatically with every pipeline build. This post provides an overview of how this can be achieved with Coveralls and Codefresh.

One of the most typical challenges when deploying a complex application is the handling of different deployment environments during the software lifecycle. The most typical setup is the trilogy of QA/Staging/Production environments. An application developer needs an easy way to deploy to the different environments and also to understand what version is deployed where. Specifically for Kubernetes deployments, the Helm package manager is a great solution for handling environment configuration.