May 12, 2021
Distributed tracing, like logging and observability, is a key functionality for keeping your services healthy and predictable. Contrary to logs and observability, which shows what happens on a service, tracing allows developers and operators to follow a specific request and how it calls different services and dependencies. It is designed around microservices architecture, which—unlike monolith architecture—uses many small services to run a platform. These services communicate with each other as well as with external services to provide and store the information users request.
Apr 20, 2021
K8s has a built-in object (sort of) for managing network security (NetworkPolicy). While it allows the user to define the relationship between pods with ingress and egress policies, it’s still quite basic and requires very precise IP mapping - for a solution that’s constantly changing, so most users I’ve talked to are not using it. Users need a simplified solution that protects their K8s networks to the max - a solution that makes network security in K8s a do-able task with the highest security level possible: mutual TLS between microservices and real zero trust deployment. And no, this is not a sidecar solution….
Apr 7, 2021
Supply chain software, unsafe toolkits, container vulnerabilities and the list go on.
Apr 3, 2021
Can you keep a secret? Hope so, because in this blog, I reveal the secrets of Kubernetes secrets. First, I dive into the mechanics of Kubernetes secrets and then move to how to protect them.
Feb 2, 2021
A brief overview of attachment methods when securing Kubernetes environments
Dec 6, 2020
ARMO announces native support for AWS Nitro Enclaves, making confidential computing readily available for DevOps use without requiring developers involvement, application re-architecting, code changes.
Oct 22, 2020
The latest exploit in the series of issues with cloud infrastructure software, “ContainerDrip” , reveals again the problems with basic HTTP authentication
Sep 30, 2020
CVE-2020-14386 reminds us that the fight against vulnerabilities is not over, luckily for Cyber Armor customers, they were immune by design to such vulnerabilities. In this blog we discuss the exploitation of CVE-2020-14386 and why Cyber Armor approach is not only immune to it, but also future proof against yet unknown such vulnerabilities.
Jul 29, 2020
Cyber Armor takes a look at the latest announcement of Traffic Director’s support for gRPC Proxyless services in service mesh and what it means to developers and architects.
Jun 4, 2020
Cyber Armor has now achieved Red Hat Operator certification for OpenShift. The collaboration extends Cyber Armor’s security technology to thousands of Red Hat enterprise customers, enabling them to get one-click zero-trust on top of their OpenShift clusters and protect their microservices from CI/CD to Runtime
May 20, 2020
Leonid Sandler, Co-Founder and CTO of Cyber Armor, set for an interview with Safety Detective’s Aviva Zacks on the inspiration behind the company.
Mar 23, 2020
In many ways, software malware and biological viruses are similar, therefore it made sense for us to take a look at what happens in the world with the impact of the Coronavirus, compare it with how cloud environments are being protected, and see what we can learn from the comparison.
Feb 11, 2020
Two vulnerabilities found in Microsoft’s Azure cloud services have been recently published by researchers. These vulnerabilities prove once again that un-trusted workloads can come from many places in the cloud environment, including the out-of-your-control cloud infrastructure. Zero-trust environments can be created as a generic solution for such potential attacks.
Jan 23, 2020
A few fundamental security problems exist in the traditional microservices identity authentication Methods. These problems result in identity establishment, which is not always trustworthy, and enables potential attackers to pose as legitimate workloads. Adoption of multi-factor authentication for microservices can solve many of these challenges.
Jan 13, 2020
While the move to microservices-based architecture is relatively new, it is already mainstream. A majority of companies are choosing it as their default architecture for new development,and you are not cool if you are not using microservices. With regards to migrating legacy apps and breaking them down to microservices, companies are showing more conservatism, and rightly so. The move creates a lot of value, mainly around new features, time to market, and scalability, but it also has its complexities and trade offs.
Jan 13, 2020
Confidential Computing technology is an important step toward a safer digital space. Building the right tools and the right architectures around this technology to help companies utilize it is key. These technologies should provide strong confidential computing protection without requiring changing existing software components.
Jan 13, 2020
Migrating our data to the cloud has never been easier in terms of technology. So why are so many companies still concerned with moving their data to the cloud? The answer lies in the fact that technology is a small part of moving to the cloud. Data cloud migration requires architectural changes and in many times - a mindshift.
Dec 23, 2019
Certificate, private keys, encryption keys, and other secrets proliferate in a secured cloud native environment. Making sure these keys are protected in a scalable and secured way is becoming ever more critical and are a major part of establishing a real zero-trust environment.