November 30, 2023
Addressing 4 Critical OSS Security Challenges with Weave GitOps Assured
Explore the top 4 critical security risks in open-source software and how Weave GitOps Assured can help prevent them. Learn about the top four OSS security challenges and the solution’s comprehensive strategy for robust protection.
October 24, 2023
What is the Digital Operational Resilience Act (DORA)?
Explore the Digital Operational Resilience Act (DORA) and its significance for EU financial institutions. Dive into the five compliance pillars and learn how Weaveworks can assist in meeting DORA's requirements.
July 31, 2023
Automated Security in GitOps Pipelines with Weave Policy Engine
Discover the power of Weave Policy Engine for automated security in GitOps pipelines. Strengthen your Kubernetes applications' security and compliance with policy-as-code enforcement. Learn more.
June 26, 2023
Kubernetes Security - A Complete Guide to Securing Your Containers
Learn about Kubernetes Security, the 4Cs of Kubernetes, and nodes. Fully manage and operate Kubernetes with the help of Weave Works
December 14, 2022
Policy as code Shifts Security Left
Shift left is essential to catch issues early on in a development cycle. Policy as code extends this model to security and compliance. Learn more about it in this blog.
November 01, 2022
How Trusted Delivery Unifies Security Practices Like IAM, RBAC, & ABAC
The use of policy as code in GitOps pipelines simplifies the implementation of security practices such as RBAC, ABAC, and IAM. This post covers how policy as code can be used to define these practices declaratively and run compliance checks recurringly with Git as the single source of truth.
October 27, 2022
No More Manual Reviews — Policy as Code to the Rescue
Using policy as code is the most advanced method of implementing policy-based governance. In this post, we look at how policies are used to automate the entire workflow of security & compliance.
October 06, 2022
GitOps Cloud Security Model - An Infographic
In this GitOps cloud security model infographic, we showcase how you can fortify your CI/CD pipelines against misconfigurations and potential data breaches.
September 06, 2022
Shifting Security Left with GitOps and Trusted Delivery
What does it mean to shift security left in GitOps pipeline and how can you do so with policy as code? Let’s find out.
August 30, 2022
Secure your CI/CD pipeline with Trusted Delivery
CI/CD pipelines are integral to modern software development teams. Find out the security risks associated with CI/CD pipelines and how trusted delivery can help you mitigate them.
August 23, 2022
Guide to Hybrid Cloud Security
What is hybrid cloud security? Hybrid cloud security is about protecting data, applications, and associated workloads hosted across multiple public and private cloud environments.
August 16, 2022
How Trusted Delivery Can Protect You From Becoming The Next Tech Horror Story
Trusted delivery through policy-as-code is the best way to secure your GitOps pipeline against cyber attacks such as cloud misconfigurations. Take steps to avoid being the next news headline.
July 12, 2022
Security & IAM policies in a GitOps world
The GitOps approach is not just for deployment velocity, but to improve security of the pipeline. In this post, learn how to incorporate security and IAM policies the GitOps way.
July 03, 2022
MITRE ATT&CK Matrix for Kubernetes
What is MITRE ATT&CK Matrix? Learn about a comprehensive knowledge base of adversary tactics and techniques involved in cyber attacks.
July 03, 2022
MITRE ATT&CK Matrix for Kubernetes: Tactics & Techniques Part 3
Learn about the last three threat vectors in Kubernetes: lateral movement, collection, and impact.
July 03, 2022
MITRE ATT&CK Matrix for Kubernetes: Tactics & Techniques Part 2
Learn about the next three threat vectors in Kubernetes: defense evasion, credential access, and discovery.
July 03, 2022
MITRE ATT&CK Matrix for Kubernetes: Tactics & Techniques Part 1
Learn about the first four threat vectors in Kubernetes: initial access, execution, persistence, and privilege escalation.
June 14, 2022
Weave Policy Library: Introducing HIPAA Policies
In our latest Weave GitOps release, we added trusted application delivery and policy-as-code capabilities to Weave GitOps. Part of this release is the Weave Policy Library, which includes HIPPA compliance standards among other compliance family policies such as CIS Benchmarks and PCI DSS. Read on to learn more about the Weave Policy Library and HIPAA policies.
May 31, 2022
Security for Application Delivery shifts left with GitOps for Visual Studio Code
The VS Code extension adds a Weave GitOps button in the sidebar of your IDE that allows you to access GitOps features without switching to another dashboard. You can view GitOps components and components as well as trigger reconciliation- read our latest blog for details.
March 31, 2022
Adding Policy as Code to GitOps Pipelines
Previously we introduced the benefits of policy as code, and how it works. In this blog, we continue where we left off and dive deeper into how policy as code can be embedded into GitOps pipelines.