This week's articles
Awesome Cloud Native Trainings
#explain
All the free trainings (with and without certificates) released from different companies supporting CNCF Projects and Kubernetes.
Cloud design patterns
#azure, #build
Design patterns for building reliable, scalable, secure applications in the cloud by walking through examples based on Microsoft Azure.
Datadog Security Labs
#announcement
Datadog announced the "Datadog Security Labs", a new dedicated place for their security research content. It will host the release of new open source tools, research projects, emerging threat reports, deep dives, telemetry studies, and more.
|
|
Tools
dependency-track
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
gitleaks-action
Gitleaks is a SAST tool for detecting and preventing hardcoded secrets like passwords, api keys, and tokens in git repos.
|
|
CloudSecDocs
SLSA
A cheatsheet around SLSA, explaining threats, levels, requirements, and implementations.
|
|
Sponsor
How to secure Kubernetes deployment with signature verification When running containers in a Kubernetes cluster, trusting the images you deploy is key to enforce security. The use of mutable images represents a risk to the secure Kubernetes deployment. Read this blog to learn step-by-step how to implement a secure Kubernetes deployment. Learn More
|
|
|
From the cloud providers
Security Monitoring in Google Cloud
Moving to the cloud comes with the fundamental question of how to effectively manage security and risk posture. From a Security Operations (SecOps) perspective, there are few core requirements that you may need for effective security and risk management in the cloud. Here are four big ones that are essential for SecOps.
|
|
Thanks for reading!
|
If you found this newsletter helpful, I'd really appreciate if you could forward it to your friends and colleagues! ๐ If you have questions, comments, or feedback, let me know on Twitter ( @lancinimarco / @CloudSecList), or at feedback.cloudseclist.com! Thanks, Marco
|
|
|