Wiz Defendが登場: クラウドの脅威検出と対応

CloudSec Academy

CloudSec Academy へようこそ。クラウドセキュリティの頭字語と業界用語のアルファベットスープをナビゲートするためのガイドです。 明確で簡潔、かつ専門的に作成されたコンテンツで、基本的なことからベストプラクティスまでをカバーします。

Using eBPF in Kubernetes: A security overview

Wiz エキスパートチーム

eBPF provides deep visibility into network traffic and application performance while maintaining safety and efficiency by executing custom code in response to the kernel at runtime.

Kubernetes Namespaces: Security Best Practices

Kubernetes namespaces divide a given cluster into virtual clusters, helping to separate and manage resources while still keeping them within the same physical cluster. By segregating workloads and applying policies per namespace, you can create boundaries that keep your multi-tenant environments safe and organized.

Linux containers: A security review

Understanding the nuances of Linux containers is crucial for building robust, secure applications. This blog post provides insights into the practical implementation of containers, focusing on both their strengths and potential pitfalls.

Kubernetes Security Context: Best practices

In Kubernetes, a security context defines privilege and access control settings for a Pod or Container. It allows you to specify security configurations such as user and group IDs, filesystem permissions, and capabilities.

Container monitoring explained

Container monitoring is the process of collecting, analyzing, and reporting metrics and data related to the performance and health of containerized applications and their hosting environments.

Kubernetes RBAC Explained

Kubernetes role-based access control (RBAC) serves as a foundational security layer within Kubernetes. It is essential for regulating access to the K8s API and its resources, allowing organizations to define user roles with specific permissions to effectively control who can see or interact with what resources within a cluster.

CWPP とは? [クラウド ワークロード保護プラットフォーム]

Wiz エキスパートチーム

クラウド ワークロード保護プラットフォーム (CWPP) は、さまざまな種類のクラウド環境にわたるクラウド ワークロードに対する継続的な脅威の監視と保護を提供するセキュリティ ソリューションです。

Container Orchestration

Container orchestration involves organizing groups of containers that make up an application, managing their deployment, scaling, networking, and their availability to ensure they're running optimally.

Kubernetes secrets

A Kubernetes secret is an object in the Kubernetes ecosystem that contains sensitive information (think keys, passwords, and tokens)

What is containerization?

Containerization encapsulates an application and its dependencies into a container image, facilitating consistent execution across any host operating system supporting a container engine.

Containers vs. VMs: What’s the difference?

Wiz エキスパートチーム

In a nutshell, containers and virtual machines (VMs) are two inherently different approaches to packaging and deploying applications/services in isolated environments.

Kubernetes as a service

Kubernetes as a service (KaaS) is a model in which hyperscalers like AWS, GCP, and Azure allow you to quickly and easily start a Kubernetes cluster and begin deploying workloads on it instantly.

Kubernetes Vulnerability Scanning

Kubernetes vulnerability scanning is the systematic process of inspecting a Kubernetes cluster (including its container images and configurations) to detect security misconfigurations or vulnerabilities that could compromise the security posture of the cluster.

Container Registries Explained

A container registry is a service that stores, manages, and distributes application images. Its architecture is designed to ensure availability by providing a centralized resource for container image discovery, distribution, and deployment.

Top Docker Alternatives

Wiz エキスパートチーム

In this guide, we'll look at a variety of Docker alternatives that provide different benefits for your workloads—such as daemonless operation, a simplified management experience, improved container security, and enhanced scalability and orchestration for production environments.

Kubernetes Alternatives for Container Orchestration

Wiz エキスパートチーム

This blog post explores the world of container orchestration tools beyond Kubernetes, highlighting cloud provider tools and open-source alternatives that promise to redefine how we deploy and manage applications.

AKS Security Best Practices

Azure Kubernetes Service (AKS) delivers Kubernetes as a managed service in Azure and is popular among organizations looking for a hassle-free Kubernetes solution in the cloud.

Container Platforms

Wiz エキスパートチーム

A container platform is a comprehensive solution that allows organizations to efficiently create, deploy, and manage containers.

What is KSPM?

Kubernetes Security Posture Management (KSPM) is the practice of monitoring, assessing, and ensuring the security and compliance of Kubernetes environments.

Container Security Scanning

Container security scanning is a process that systematically analyzes container images for vulnerabilities and security issues, allowing developers to address potential threats before they escalate into breaches.

Container Image Signing

Container image signing is a critical security process for establishing trust. Just as you'd expect a signature to verify the authenticity of a document, image signing does the same for container images—those neat packages that carry your code along with all the necessary parts to run it anywhere.

Container Scanning Tools

Looking to make the most of containerization while minimizing risk? Container scanning solutions are a critical line of defense that help ensure the safe and secure deployment of applications.

The top 11 open-source Kubernetes security tools

It’s a good idea to consider a range of Kubernetes security tools. Open source solutions can greatly improve the security of your Kubernetes clusters, so this section explores the top 11 open-source Kubernetes security tools that can help to safeguard your Kubernetes environment.