CloudSec Academy

Benvenuto in CloudSec Academy, la tua guida per navigare nella zuppa alfabetica degli acronimi sulla sicurezza del cloud e del gergo del settore. Elimina il rumore con contenuti chiari, concisi e realizzati da esperti che coprono i fondamenti e le best practice.

What is Security by Design?

Team di esperti Wiz

Security by design is a software development approach that aims to establish security as a pillar, not an afterthought, i.e., integrating security controls into software products right from the design phase.

Guide to Standard SBOM Formats

Team di esperti Wiz

Two major formats dominate the SBOM ecosystem: Software Package Data Exchange (SPDX) and CycloneDX (CDX). Let’s review!

Kubernetes Security Context: Best practices

In Kubernetes, a security context defines privilege and access control settings for a Pod or Container. It allows you to specify security configurations such as user and group IDs, filesystem permissions, and capabilities.

Container monitoring explained

Container monitoring is the process of collecting, analyzing, and reporting metrics and data related to the performance and health of containerized applications and their hosting environments.

Kubernetes RBAC Explained

Kubernetes role-based access control (RBAC) serves as a foundational security layer within Kubernetes. It is essential for regulating access to the K8s API and its resources, allowing organizations to define user roles with specific permissions to effectively control who can see or interact with what resources within a cluster.

Code Security

Code security, also known as secure coding, refers to the practices, methodologies, and tools designed to ensure that the code written for applications and systems is secure from vulnerabilities and threats.

Container Orchestration

Container orchestration involves organizing groups of containers that make up an application, managing their deployment, scaling, networking, and their availability to ensure they're running optimally.

What is containerization?

Containerization encapsulates an application and its dependencies into a container image, facilitating consistent execution across any host operating system supporting a container engine.

Kubernetes as a service

Kubernetes as a service (KaaS) is a model in which hyperscalers like AWS, GCP, and Azure allow you to quickly and easily start a Kubernetes cluster and begin deploying workloads on it instantly.

Kubernetes Vulnerability Scanning

Kubernetes vulnerability scanning is the systematic process of inspecting a Kubernetes cluster (including its container images and configurations) to detect security misconfigurations or vulnerabilities that could compromise the security posture of the cluster.

Container Registries Explained

A container registry is a service that stores, manages, and distributes application images. Its architecture is designed to ensure availability by providing a centralized resource for container image discovery, distribution, and deployment.

Top Docker Alternatives

Team di esperti Wiz

In this guide, we'll look at a variety of Docker alternatives that provide different benefits for your workloads—such as daemonless operation, a simplified management experience, improved container security, and enhanced scalability and orchestration for production environments.

What is DevSecOps?

DevSecOps, which stands for Development, Security, and Operations, is a software development practice that emphasizes integrating security considerations throughout the entire development lifecycle, from initial design to deployment and ongoing maintenance.

Kubernetes Alternatives for Container Orchestration

Team di esperti Wiz

This blog post explores the world of container orchestration tools beyond Kubernetes, highlighting cloud provider tools and open-source alternatives that promise to redefine how we deploy and manage applications.

Secure Coding Explained

Team di esperti Wiz

Secure coding is the practice of developing software that is resistant to security vulnerabilities by applying security best practices, techniques, and tools early in development.

What is KSPM?

Kubernetes Security Posture Management (KSPM) is the practice of monitoring, assessing, and ensuring the security and compliance of Kubernetes environments.

Container Security Scanning

Container security scanning is a process that systematically analyzes container images for vulnerabilities and security issues, allowing developers to address potential threats before they escalate into breaches.

Container Scanning Tools

Looking to make the most of containerization while minimizing risk? Container scanning solutions are a critical line of defense that help ensure the safe and secure deployment of applications.

Secure SDLC

Secure SDLC (SSDLC) is a framework for enhancing software security by integrating security designs, tools, and processes across the entire development lifecycle.

AI Security Explained: How to Secure AI

Team di esperti Wiz

AI is the engine behind modern development processes, workload automation, and big data analytics. AI security is a key component of enterprise cybersecurity that focuses on defending AI infrastructure from cyberattacks.

CI/CD Pipeline Security Best Practices

Continuous integration and continuous delivery (CI/CD) have become the backbone of modern software development, enabling rapid, reliable, and consistent delivery of software products. To bolster your CI/CD pipeline, ensuring resilience against ever-evolving threats, follow the best practices in this guide.

IaC Security Explained

Infrastructure as Code (IaC) security is the practice of securing cloud infrastructure by embedding security controls into IaC templates and scripts.

The top 11 open-source Kubernetes security tools

It’s a good idea to consider a range of Kubernetes security tools. Open source solutions can greatly improve the security of your Kubernetes clusters, so this section explores the top 11 open-source Kubernetes security tools that can help to safeguard your Kubernetes environment.

AWS Security Best Practices

Team di esperti Wiz

10 essential AWS security best practices every organization should start with

Top Native AWS Security Tools

Team di esperti Wiz

11 native tools for IAM, data protection, network and application protection, compliance management, and threat detection