{"id":52704,"date":"2018-10-05T12:27:24","date_gmt":"2018-10-05T12:27:24","guid":{"rendered":"http:\/\/www.sickgaming.net\/blog\/2018\/10\/05\/continuous-security-with-kubernetes\/"},"modified":"2018-10-05T12:27:24","modified_gmt":"2018-10-05T12:27:24","slug":"continuous-security-with-kubernetes","status":"publish","type":"post","link":"https:\/\/sickgaming.net\/blog\/2018\/10\/05\/continuous-security-with-kubernetes\/","title":{"rendered":"Continuous Security with Kubernetes"},"content":{"rendered":"
<\/div>\n

As the Chief Technologist at Red Hat for the western region, Christian Van Tuin has been architecting solutions for strategic customers and partners for over a decade. He\u2019s lived through the rise of DevOps and containers. And in his role, he\u2019s found that security is the highest adoption barrier for enterprises interested in harnessing the power of containers.<\/span><\/span><\/p>\n

After all, \u201cNow we\u2019re seeing an increasing level of threats for geopolitical reasons, and we\u2019re seeing the dissolving security perimeter,\u201d says Van Tuin. \u201cEverything doesn\u2019t sit behind the firewall in your data center anymore, and there\u2019s a shift to software-based storage, networking and compute. The traditional network base, the fences, are no longer good enough.\u201d<\/span><\/span><\/p>\n

But as he will share during<\/span>his talk at OpenFinTech Forum<\/span><\/a>in New York City, Oct. 10-11, there are security best practices in the areas of DevOps, containers, and Kubernetes that companies can adopt so that everyone can sleep better at night. <\/span><\/span><\/p>\n

\u201cWe\u2019re seeing this evolution to DevSecOps,\u201d he says. \u201cIt\u2019s all about reducing security and business risk, lowering costs, speeding up delivery and reaction time, falling in line with DevOps. And we\u2019re doing this with automation process optimization and continuous security improvement.\u201d <\/span><\/span><\/p>\n

This is particularly relevant for FinTech companies. \u201cWith the move from physical to digital banking, DevSecOps ensures security is integrated into the process from the start of development rather than appended on in production,\u201d says Van Tuin. \u201cAt the same time, it still allows for rapid and frequent releases without security becoming a bottleneck or burden on development.\u201d For instance, <\/span>OpenSCAP<\/span><\/a> can be used to scan container images for compliance with PCI DSS (Payment Card Industry Security Standard) and customer security policies for banking. <\/span><\/span><\/p>\n

Van Tuin\u2019s best practices are wide-ranging: addressing security risks such as container images, builds, registry, hosts, and network; automating and integrating security vulnerability management and compliance checking in a DevOps CI\/CD pipeline; and deployment strategies for container security updates. And he\u2019s hopeful that there will be more improvements to security around Kubernetes with the growth of Istio service mesh and CoreOS operators. <\/span><\/span><\/p>\n

\u201cOne of the keys to DevSecOps is to ensure that you can enable your developers to rapidly innovate and experiment,\u201d says Van Tuin. And the first thing that needs to happen? \u201cEmbrace security into the culture of the company.\u201d<\/span><\/span><\/p>\n

To hear all about Chris\u2019s strategies for continuous security with DevOps, containers, and Kubernetes, plus talks from other open source leaders, come to OpenFinTech Forum in New York City October 10-11. You can still register <\/span>here<\/span><\/a>!<\/span><\/span><\/em><\/p>\n

Sign up to receive updates on Open FinTech Forum: <\/span><\/em><\/p>\n","protected":false},"excerpt":{"rendered":"

As the Chief Technologist at Red Hat for the western region, Christian Van Tuin has been architecting solutions for strategic customers and partners for over a decade. He\u2019s lived through the rise of DevOps and containers. And in his role, he\u2019s found that security is the highest adoption barrier for enterprises interested in harnessing the […]<\/p>\n","protected":false},"author":2,"featured_media":52705,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[40],"tags":[],"class_list":["post-52704","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-linux-freebsd-unix"],"_links":{"self":[{"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/posts\/52704","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/comments?post=52704"}],"version-history":[{"count":0,"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/posts\/52704\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/media\/52705"}],"wp:attachment":[{"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/media?parent=52704"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/categories?post=52704"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/tags?post=52704"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}