Welcome to

The ARMO Blog

Jul 13, 2021

Advanced Kubernetes Pod to Node Scheduling

In Kubernetes, the task of scheduling pods to specific nodes in the cluster is handled by the kube-scheduler. The default behavior of this component is to filter nodes based on the resource requests and limits of each container in the created pod. Feasible nodes are then scored to find the best candidate for the pod placement.

Ben Hirschberg

VP R&D & Co-founder

Welcome to

THE ARMO BLOG

Jul 4, 2021

Networking with a Service Mesh: Use Cases, Best Practices, and Comparison of Top Mesh Options

Service mesh technology emerged with the popularization of microservice architectures. Because service mesh facilitates the separation of networking from the business logic, it enables you to focus on your application’s core competency.Microservice applications are distributed over multiple servers, data centers, or continents, making them highly network dependent. Service mesh manages network traffic between services by controlling traffic with routing rules and the dynamic direction of packages between services. 

Amir Kaushansky

VP Product

Apr 20, 2021

The K8s network (security) effect

K8s has a built-in object (sort of) for managing network security (NetworkPolicy). While it allows the user to define the relationship between pods with ingress and egress policies, it’s still quite basic and requires very precise IP mapping - for a solution that’s constantly changing, so most users I’ve talked to are not using it. Users need a simplified solution that protects their K8s networks to the max - a solution that makes network security in K8s a do-able task with the highest security level possible: mutual TLS between microservices and real zero trust deployment. And no, this is not a sidecar solution….

Amir Kaushansky

VP Product

Apr 7, 2021

Time to rethink your security strategy

Supply chain software, unsafe toolkits, container vulnerabilities and the list go on.

Leonid Sandler

CTO & Co-founder

Apr 3, 2021

Revealing the Secrets of Kubernetes Secrets

Can you keep a secret? Hope so, because in this blog, I reveal the secrets of Kubernetes secrets. First, I dive into the mechanics of Kubernetes secrets and then move to how to protect them.

Ben Hirschberg

VP R&D & Co-founder

Feb 2, 2021

Don’t get attached to your attachment!

A brief overview of attachment methods when securing Kubernetes environments

Amir Kaushansky

VP Product

Dec 6, 2020

ARMO Announces Nitro Enclave support - making it DevOps ready out of the box

ARMO announces native support for AWS Nitro Enclaves, making confidential computing readily available for DevOps use without requiring developers involvement, application re-architecting, code changes.

Shauli Rozen

CEO & Co-founder

Oct 22, 2020

ContainerDrip – Another Example of Why HTTP Basic Authentication is Flawed

The latest exploit in the series of issues with cloud infrastructure software, “ContainerDrip” , reveals again the problems with basic HTTP authentication

Ben Hirschberg

VP R&D & Co-founder

Sep 30, 2020

What makes ARMO customers immune - by design – against vulnerabilities like CVE-2020-14386?

CVE-2020-14386 reminds us that the fight against vulnerabilities is not over, luckily for Cyber Armor customers, they were immune by design to such vulnerabilities. In this blog we discuss the exploitation of CVE-2020-14386 and why Cyber Armor approach is not only immune to it, but also future proof against yet unknown such vulnerabilities.

Leonid Sandler

CTO & Co-founder

Jul 29, 2020

ARMO for Google Traffic Director gRPC Proxyless Services

Cyber Armor takes a look at the latest announcement of Traffic Director’s support for gRPC Proxyless services in service mesh and what it means to developers and architects.

Shauli Rozen

CEO & Co-founder

Jun 4, 2020

ARMO Expands Opportunities with Red Hat Certified Operator for OpenShift

Cyber Armor has now achieved Red Hat Operator certification for OpenShift. The collaboration extends Cyber Armor’s security technology to thousands of Red Hat enterprise customers, enabling them to get one-click zero-trust on top of their OpenShift clusters and protect their microservices from CI/CD to Runtime

Shauli Rozen

CEO & Co-founder

May 20, 2020

Leonid Sandler, Founder and CTO, on the Inspiration behind ARMO

Leonid Sandler, Co-Founder and CTO of Cyber Armor, set for an interview with Safety Detective’s Aviva Zacks on the inspiration behind the company.

Shauli Rozen

CEO & Co-founder

Mar 23, 2020

What COVID-19 teaches us about Micro-segmentation and Run-time Cloud Workload Protection

In many ways, software malware and biological viruses are similar, therefore it made sense for us to take a look at what happens in the world with the impact of the Coronavirus, compare it with how cloud environments are being protected, and see what we can learn from the comparison.

Shauli Rozen

CEO & Co-founder

Feb 11, 2020

Recently found Azure vulnerabilities underline the importance of Zero-Trust for cloud workloads

Two vulnerabilities found in Microsoft’s Azure cloud services have been recently published by researchers. These vulnerabilities prove once again that un-trusted workloads can come from many places in the cloud environment, including the out-of-your-control cloud infrastructure. Zero-trust environments can be created as a generic solution for such potential attacks.

Ben Hirschberg

VP R&D & Co-founder

Jan 23, 2020

Do you trust your Microservices Identities?

A few fundamental security problems exist in the traditional microservices identity authentication Methods. These problems result in identity establishment, which is not always trustworthy, and enables potential attackers to pose as legitimate workloads. Adoption of multi-factor authentication for microservices can solve many of these challenges.

Shauli Rozen

CEO & Co-founder

Jan 13, 2020

Cloud Migration: Moving Your Security Mindset Along with Your Data

Migrating our data to the cloud has never been easier in terms of technology. So why are so many companies still concerned with moving their data to the cloud? The answer lies in the fact that technology is a small part of moving to the cloud. Data cloud migration requires architectural changes and in many times - a mindshift.

Ben Hirschberg

VP R&D & Co-founder

Jan 13, 2020

The Migration Path to Microservices & Security Considerations, Of Course

While the move to microservices-based architecture is relatively new, it is already mainstream. A majority of companies are choosing it as their default architecture for new development,and you are not cool if you are not using microservices. With regards to migrating legacy apps and breaking them down to microservices, companies are showing more conservatism, and rightly so. The move creates a lot of value, mainly around new features, time to market, and scalability, but it also has its complexities and trade offs.

Shauli Rozen

CEO & Co-founder

Jan 13, 2020

The Growth of Confidential Computing

Confidential Computing technology is an important step toward a safer digital space. Building the right tools and the right architectures around this technology to help companies utilize it is key. These technologies should provide strong confidential computing protection without requiring changing existing software components.

Leonid Sandler

CTO & Co-founder

Dec 23, 2019

The Chicken & Egg Secret Protection Problem in Micro-services

Certificate, private keys, encryption keys, and other secrets proliferate in a secured cloud native environment. Making sure these keys are protected in a scalable and secured way is becoming ever more critical and are a major part of establishing a real zero-trust environment.

Shauli Rozen

CEO & Co-founder

Product
Product OverviewIntegrations
Use Cases
Truly Secure Kubernetes Secrets in UseEffectively Protect Proprietary Data in 3rd Party SystemsKeep Each Tenant Protected in a Multi-Tenant Environment
Ensure Highest Levels of Data Protection & Privacy
Company
About UsCareersBlogContact Us
follow us
Privacy PolicyCookies Policy
Copyright © 2020, Armo Ltd.