|
By Reza Ramezanpour
Kubernetes is known for its modularity, and its integration with cloud environments. Throughout its history, Kubernetes provided in-tree cloud provider integrations with most providers, allowing us to create cloud-related resources via API calls without requiring us to jump through hoops to deploy a cluster that utilizes the power of underlying networking infrastructure. However, this behavior will change with the release of Kubernetes v1.31, and right now is the best time to plan for it.
How to Derive Value from GenAI Application Development & Deployment Without Compromising on Security
|
By Ratan Tipirneni
The Generative Artificial Intelligence (GenAI) innovations and advancements over the past 1.5 years have been unmatched. Gartner predicts that by 2026, more than 80% of enterprises will have deployed GenAI-enabled applications in production environments and/or used GenAI application programming interfaces or models. This is up from less than 5% in 2023.
|
By Phil DiCorpo
Service mesh is a tool for adding observability, security, and traffic management capabilities at the application layer. A service mesh is intended to help developers and site reliability engineers (SREs) with service-to-service communication within Kubernetes clusters. The challenges involved in deploying and managing microservices led to the creation of the service mesh, but service mesh solutions themselves introduce complexities and challenges.
|
By Rui De Abreu
When enterprises transition to a microservices model, they often need to migrate their legacy applications to the new infrastructure. One popular framework used for these traditional applications is.Net. Due to migration, enterprises require the ability to run Windows containers in their Kubernetes infrastructure.
|
By Reza Ramezanpour
workloads from remote clusters As Kubernetes continues to gain traction in the cloud-native ecosystem, the need for robust, scalable, and highly available cluster deployments has become more noticeable. While a Kubernetes cluster can easily expand via additional nodes, the downside of such an approach is that you might have to spend a lot of time troubleshooting the underlying networking or managing and updating resources between clusters.
|
By Dhiraj Sehgal
In the rapidly evolving landscape of IT infrastructure, enterprises are increasingly moving away from traditional virtualization platforms due to rising licensing costs and the limitations these older systems impose on modern cloud-native application needs. The shift towards Kubernetes, which can manage diverse workloads such as containers, virtual machines (VMs), and bare metal environments, accelerates the migration from traditional virtualization platforms.
|
By Kartik Bharath
A common challenge with multi-cluster connectivity is that networking solutions have a prerequisite of pod-to-pod connectivity enabled between the clusters that are to be meshed. This typically requires the user to take care of the underlying network infrastructure in terms of routing.
|
By Reza Ramezanpour
Kubernetes is used everywhere, from test environments to the most critical production foundations that we use daily, making it undoubtedly a de facto in cloud computing. While this is great news for everyone who works with, administers, and expands Kubernetes, the downside is that it makes Kubernetes a favorable target for malicious actors. Malicious actors typically exploit flaws in the system to gain access to a portion of the environment.
|
By Reza Ramezanpour
System observability is an essential part of identifying performance issues within your environment because it provides a comprehensive view of how your systems are operating at a glance. Typically, observability is achieved through the collection and analysis of metrics. These metrics, generated by your applications, are deliberately incorporated by developers into the source code to offer insights into the application’s internal processes.
|
By Dhiraj Sehgal
For DevOps and platform teams working with containers and Kubernetes, reducing downtime and improving security posture is crucial. A clear understanding of network topology, service interactions, and workload dependencies is required in cloud-native applications. This is essential for securing and optimizing the Kubernetes deployment and minimizing response time in the event of failure.
|
By Tigera
Tigera provides the industry’s only active Cloud-Native Application Protection Platform (CNAPP) with full-stack observability for containers, Kubernetes, and cloud. Calico prevents, detects, troubleshoots, and automatically mitigates exposure risks of security issues in build, deploy, and runtime stages across multi-cluster, multi-cloud, and hybrid deployments. Calico works with popular managed Kubernetes services such as AKS, EKS, and GKE, as well as self-managed Kubernetes distributions including Red Hat OpenShift, SUSE/Rancher, VMware Tanzu, and Mirantis.
|
By Tigera
How can you scale your organization without losing an understanding of your environment? Services mesh is here to help! It gives you the observability of connected services and is easier to adopt than you might think. Come and learn service mesh concepts, best practices, and key challenges.
|
By Tigera
Attackers are continuously evolving their techniques to target Kubernetes. They are actively using Kubernetes and Docker functionality in addition to traditional attack surfaces to compromise, gain required privileges and add a backdoor entry to the clusters. A combination of Kubernetes security and observability tools is required to ensure the cloud infrastructure monitoring and lockdown and to enable DevSecOps teams with the right tools for the job.
|
By Tigera
It’s a daunting task starting down the path to securing your workloads running on Kubernetes in the Cloud. There are no shortages of vendors with great tools in the Cloud security space. There is a multitude of domains that must be accounted for, along with internal challenges in bringing an organization along into new ways of thinking. This talk will focus on Discover’s Cloud security journey, with an overview of how the program has evolved over the last 4 years, key capabilities & concepts that have been embraced and challenges faced.
|
By Tigera
Containers, Microservices, and cloud-based applications have revolutionized the way companies build and deliver products globally. This has also changed the attack surface and requires very different security strategies and tools to avoid exposure to sensitive information and other cyber attacks. Regulatory compliance has also evolved making it ever so important for companies to adapt to this new paradigm.
|
By Tigera
Join us as we look at the advantages, but also the practical challenges, of applying modern, policy-as-code ("PaC") approaches in a modern cloud-ready enterprise. This talk will show how Morgan Stanley is drawing upon years of experience in its own proprietary implementation of PaC in its approach to embracing today's ideas. We will look at a diverse set of considerations from GitOps as a method to applying PaC in modern software development and deployment to enforcement of best practices and compliance in the Cloud.
|
By Tigera
Security as an afterthought is no longer an option and must be deeply embedded in the design and implementation of the products that will be running in the cloud. It is increasingly more critical for many security teams to be almost, if not equally, knowledgeable of the emerging and rapidly evolving technology. Join Manish Sampat from Tigera, as explores the topic in detail with Stan Lee from Paypal.
|
By Tigera
Through practical guidance and best practice recommendations, this book will help you understand why cloud-native applications require a modern approach to security and observability practices, and how to adopt a holistic security and observability strategy for building and securing cloud-native applications running on Kubernetes.
|
By Tigera
A step-by-step eBook covering everything you need to know to confidently approach Kubernetes networking, starting with basic networking concepts, all the way through to advanced Kubernetes networking with eBPF.
|
By Tigera
This whitepaper explains five best practices to help meet network security and compliance requirements for modern microservices stack.
|
By Tigera
Discover how Tigera can help you achieve a scalable, secure, and compliant approach to containers on AWS.
|
By Tigera
This guide contains detailed technical instructions on how to install and configure network security on Kubernetes platforms.
|
By Tigera
Tigera commission an unbiased, third-party research firm to speak with enterprise security professionals to understand the state of network security with modern applications.
|
By Tigera
OpenShift provides a declarative, automated platform to integrate developer workflows into application deployments leveraging open source building blocks such as Kubernetes.
|
By Tigera
Applying a uniform policy framework allows enterprises to achieve consistent network policy across multiple container orchestrators.
|
By Tigera
Using simplicity to deliver the performance, stability, and manageability for application connectivity at scale in cloud native platforms such as Kubernetes.
- October 2024 (1)
- September 2024 (2)
- August 2024 (1)
- July 2024 (3)
- June 2024 (2)
- May 2024 (5)
- April 2024 (2)
- March 2024 (2)
- February 2024 (2)
- December 2023 (3)
- October 2023 (1)
- September 2023 (1)
- August 2023 (4)
- July 2023 (2)
- June 2023 (3)
- May 2023 (3)
- April 2023 (1)
- February 2023 (3)
- January 2023 (5)
- December 2022 (2)
- November 2022 (2)
- October 2022 (2)
- September 2022 (1)
- August 2022 (4)
- July 2022 (1)
- June 2022 (5)
- May 2022 (3)
- April 2022 (1)
- March 2022 (2)
- February 2022 (4)
- January 2022 (4)
- December 2021 (5)
- November 2021 (5)
- October 2021 (6)
- September 2021 (4)
- August 2021 (7)
- July 2021 (7)
- June 2021 (22)
- May 2021 (6)
- April 2021 (3)
- March 2021 (3)
- February 2021 (4)
- January 2021 (9)
- December 2020 (8)
- November 2020 (7)
- October 2020 (10)
- September 2020 (13)
- August 2020 (14)
- July 2020 (12)
- June 2020 (10)
- May 2020 (14)
- April 2020 (7)
- March 2020 (6)
- February 2020 (2)
- January 2020 (1)
- December 2019 (3)
- November 2019 (3)
- October 2019 (5)
- September 2019 (4)
- August 2019 (3)
- July 2019 (10)
- June 2019 (9)
- May 2019 (10)
- April 2019 (8)
- March 2019 (11)
- February 2019 (9)
- January 2019 (9)
- December 2018 (3)
- November 2018 (3)
- October 2018 (4)
- September 2018 (1)
- August 2018 (1)
- July 2018 (3)
- May 2018 (1)
Kubernetes is being adopted by every major enterprise on the planet for deploying modern, containerized applications. However, containers are highly dynamic and break their existing security models. Tigera provides zero-trust network security and continuous compliance for Kubernetes platforms that enables enterprises to meet their security and compliance requirements.
Tigera’s technology is recognized and trusted as the de facto standard for Kubernetes network security. Our open source software, Tigera Calico, provides production-grade security, and our commercial offerings layer on advanced security capabilities, enterprise controls, and compliance reporting.
Kubernetes Requires a Modern Approach to Security and Compliance:
- Zero-Trust Network Security: With 40% or more of all breaches originating from within the network, you must always have to assume that something has been compromised. Applications running on Kubernetes make heavy use of the network for service to service communication. However, most clusters have been left wide open and are vulnerable to attack. A zero trust approach is the most secure way to lock down your Kubernetes platform.
- Continuous Compliance: Kubernetes is dynamic and constantly changing. Moments after a compliance audit is completed the environment will have changed again. A continuous compliance solution is the only way to prove that your security controls have been implemented properly now and historically.
- Visibility and Traceability: Applications running on Kubernetes Platforms have constantly changing IP addresses and locations that makes it impossible to use traditional flow logs to debug issues and investigate anomalous activity. The only accurate approach is to use Kubernetes labels and workload identity in your netflow logs.
- Multi-cloud and Legacy: Many applications running on Kubernetes will not be greenfield. Applications often need to communicate securely with other systems outside of the cluster, such as on-premises or cloud-based VMs, bare metal servers and databases. To achieve zero trust security for Kubernetes, your security policies must be capable of expanding beyond the cluster.
Zero Trust Network Security and Continuous Compliance for Kubernetes Platforms.