By Christopher LiljenstolpeDec 11, 2018Business Strategy, Kubernetes, Microsegmentation, Network Policy, Security, Zerotrust
Or, How to map my current operational model into the brave new Kubernetes world Recently, I was working with a large customer of ours as part of an engagement to help them work through their security posture for their Kubernetes environment(s). As with most large...
By Christopher LiljenstolpeAug 3, 2018Blog, Security, Zerotrust
Well, the Tiger is going to Black Hat in Las Vegas in a few weeks time, and so I’ve been planning our risk mitigation strategy for when we are there. The last thing I want is for the Tiger to show up on the Wall of Sheep. To that end, I’ve written up an...
By Christopher LiljenstolpeJul 23, 2018Blog, Cybersecurity, Kubernetes, Security, Zerotrust
For almost as long as we have networked computers, we have used the network location or address as their primary identity. Using network location might have made sense when there was a 1:1 mapping between a computer and the thing it was acting for (user, application,...
By Vince LauJul 20, 2018AWS, Blog, Cybersecurity, DevOps, Eks, Kubernetes, Microsegmentation, Zerotrust
Modern application architectures have become mainstream as enterprises experience the benefits of rapid application delivery. Many leverage Amazon EKS as an easy path to Kubernetes. Amazon EKS removes the pain of managing cluster operations and administration tasks;...
By Andrew RandallMar 20, 2018Blog, Calico, Cloud Computing, Cloud Native, Cloud Security, Containers, GCP, Microsegmentation, Network Policy, Networking, Project Calico, Security, Tigera, Tigera Secure, Zerotrust
A best practice for securely deploying Kubernetes applications is to enforce network policy. Google’s announcement today that network policy for Google Kubernetes Engine (GKE) using Calico network policy is now generally available (GA) is a huge step forward for...
By Christopher LiljenstolpeMar 12, 2018AWS, Containers, DevOps, Kubernetes, Microsegmentation, Project Calico, Security, Tigera Secure, Uncategorized, Zerotrust
Heptio’s CTO, Joe Beda, recently posted an insightful blog entry discussing the Tesla Kubernetes compromise. I wanted to dive into one of the areas he mentioned, network policy. Before I do, however, I would make some general observations. While, in hindsight, the...
