December 14, 2022
Policy as code Shifts Security Left
Shift left is essential to catch issues early on in a development cycle. Policy as code extends this model to security and compliance. Learn more about it in this blog.
November 01, 2022
How Trusted Delivery Unifies Security Practices Like IAM, RBAC, & ABAC
The use of policy as code in GitOps pipelines simplifies the implementation of security practices such as RBAC, ABAC, and IAM. This post covers how policy as code can be used to define these practices declaratively and run compliance checks recurringly with Git as the single source of truth.
October 27, 2022
No More Manual Reviews — Policy as Code to the Rescue
Using policy as code is the most advanced method of implementing policy-based governance. In this post, we look at how policies are used to automate the entire workflow of security & compliance.
October 06, 2022
GitOps Cloud Security Model - An Infographic
In this GitOps cloud security model infographic, we showcase how you can fortify your CI/CD pipelines against misconfigurations and potential data breaches.
September 06, 2022
Shifting Security Left with GitOps and Trusted Delivery
What does it mean to shift security left in GitOps pipeline and how can you do so with policy as code? Let’s find out.
August 30, 2022
Secure your CI/CD pipeline with Trusted Delivery
CI/CD pipelines are integral to modern software development teams. Find out the security risks associated with CI/CD pipelines and how trusted delivery can help you mitigate them.
August 23, 2022
Guide to Hybrid Cloud Security
What is hybrid cloud security? Hybrid cloud security is about protecting data, applications, and associated workloads hosted across multiple public and private cloud environments.
August 16, 2022
How Trusted Delivery Can Protect You From Becoming The Next Tech Horror Story
Trusted delivery through policy-as-code is the best way to secure your GitOps pipeline against cyber attacks such as cloud misconfigurations. Take steps to avoid being the next news headline.
July 12, 2022
Security & IAM policies in a GitOps world
The GitOps approach is not just for deployment velocity, but to improve security of the pipeline. In this post, learn how to incorporate security and IAM policies the GitOps way.
July 03, 2022
MITRE ATT&CK Matrix for Kubernetes
What is MITRE ATT&CK Matrix? Learn about a comprehensive knowledge base of adversary tactics and techniques involved in cyber attacks.
July 03, 2022
MITRE ATT&CK Matrix for Kubernetes: Tactics & Techniques Part 3
Learn about the last three threat vectors in Kubernetes: lateral movement, collection, and impact.
July 03, 2022
MITRE ATT&CK Matrix for Kubernetes: Tactics & Techniques Part 2
Learn about the next three threat vectors in Kubernetes: defense evasion, credential access, and discovery.
July 03, 2022
MITRE ATT&CK Matrix for Kubernetes: Tactics & Techniques Part 1
Learn about the first four threat vectors in Kubernetes: initial access, execution, persistence, and privilege escalation.
June 14, 2022
Weave Policy Library: Introducing HIPAA Policies
In our latest Weave GitOps release, we added trusted application delivery and policy-as-code capabilities to Weave GitOps. Part of this release is the Weave Policy Library, which includes HIPPA compliance standards among other compliance family policies such as CIS Benchmarks and PCI DSS. Read on to learn more about the Weave Policy Library and HIPAA policies.
May 31, 2022
Security for Application Delivery shifts left with GitOps for Visual Studio Code
The VS Code extension adds a Weave GitOps button in the sidebar of your IDE that allows you to access GitOps features without switching to another dashboard. You can view GitOps components and components as well as trigger reconciliation- read our latest blog for details.
March 31, 2022
Adding Policy as Code to GitOps Pipelines
Previously we introduced the benefits of policy as code, and how it works. In this blog, we continue where we left off and dive deeper into how policy as code can be embedded into GitOps pipelines.
March 29, 2022
Trusted Delivery with GitOps and Policy as Code
Trusted Delivery - policy as code in GitOps pipelines - can boost developer velocity, proactively prevent cloud misconfigurations, and accelerate software delivery. Learn more about what Trusted Delivery is in our latest whitepaper, and how you can get started.
August 16, 2021
What is Policy-as-Code and Why it's Needed?
What is policy-as-code and the benefits organizations can reap by implementing policy-as-code.
July 22, 2021
The Art of Modern Ops: Authorize better with OPA - security policy as code
The Art of Modern Ops is a regular podcast on modernizing cloud infrastructure from Cornelia Davis, Weaveworks CTO and author of the book Cloud Native Patterns. In the latest episode, Cornelia interviews Gareth Rushgrove, VP of Product at...
May 25, 2021
How to Start Left with Security Using Git Pre-Commit Hooks
Understand how you can shift security left by using pre-commit hooks in Git before committing to the code base.