November 01, 2022
How Trusted Delivery Unifies Security Practices Like IAM, RBAC, & ABAC
The use of policy as code in GitOps pipelines simplifies the implementation of security practices such as RBAC, ABAC, and IAM. This post covers how policy as code can be used to define these practices declaratively and run compliance checks recurringly with Git as the single source of truth.
August 30, 2022
Secure your CI/CD pipeline with Trusted Delivery
CI/CD pipelines are integral to modern software development teams. Find out the security risks associated with CI/CD pipelines and how trusted delivery can help you mitigate them.
August 23, 2022
Guide to Hybrid Cloud Security
What is hybrid cloud security? Hybrid cloud security is about protecting data, applications, and associated workloads hosted across multiple public and private cloud environments.
July 03, 2022
MITRE ATT&CK Matrix for Kubernetes
What is MITRE ATT&CK Matrix? Learn about a comprehensive knowledge base of adversary tactics and techniques involved in cyber attacks.
July 03, 2022
MITRE ATT&CK Matrix for Kubernetes: Tactics & Techniques Part 3
Learn about the last three threat vectors in Kubernetes: lateral movement, collection, and impact.
July 03, 2022
MITRE ATT&CK Matrix for Kubernetes: Tactics & Techniques Part 2
Learn about the next three threat vectors in Kubernetes: defense evasion, credential access, and discovery.
July 03, 2022
MITRE ATT&CK Matrix for Kubernetes: Tactics & Techniques Part 1
Learn about the first four threat vectors in Kubernetes: initial access, execution, persistence, and privilege escalation.
June 14, 2022
Weave Policy Library: Introducing HIPAA Policies
In our latest Weave GitOps release, we added trusted application delivery and policy-as-code capabilities to Weave GitOps. Part of this release is the Weave Policy Library, which includes HIPPA compliance standards among other compliance family policies such as CIS Benchmarks and PCI DSS. Read on to learn more about the Weave Policy Library and HIPAA policies.
May 31, 2022
Security for Application Delivery shifts left with GitOps for Visual Studio Code
The VS Code extension adds a Weave GitOps button in the sidebar of your IDE that allows you to access GitOps features without switching to another dashboard. You can view GitOps components and components as well as trigger reconciliation- read our latest blog for details.
April 23, 2021
What is DevSecOps and Why is it Important?
Learn what is DevSecOps, why is it needed, and its importance to remain competitive and agile in today’s fast-paced world.
March 30, 2021
Using Cloud-Native BuildPacks for Operational Efficiency
CNB offers a rich capability for building OCI images. Learn about layer caching practices, image inspection, and runtime rebasing.
July 15, 2020
Enforce Ingress Best Practices Using OPA
In this blog article we'll explain how to define policies that ensure that no bad Ingress definitions will be deployed to cluster.
June 25, 2020
Enforce Kubernetes Network Security Policies Using OPA
OPA is a general-purpose, platform-agnostic policy enforcement tool. Read this blog to learn about how to utilize an OPA.
June 09, 2020
Integrate OPA Into Your Kubernetes Cluster Using Kube-mgmt
We'll cover how to deploy OPA from scratch, and apply a sample policy that enforces using an Ingress hostname from a whitelist.
June 02, 2020
Integrating Open Policy Agent (OPA) With Kubernetes
Explore how to integrate OPA with Kubernetes and see some examples of the power that this integration can bring to policy enforcement.
July 12, 2017
Container Security with Dan Walsh
There are several factors to consider when securing containerized applications. Where containers are deployed, how they are isolated and which capabilities to disable are important steps to take to ensure that your dockerized applications are secure.
May 19, 2017
Adding a Service to Weave Cloud and Other Best Practices
Learn how to add a service to Weave Cloud – from naming and organization to security and monitoring, Tom Wilkie shares best practices and lessons learned.
February 20, 2016
Weave unaffected by GNU C library vulnerability CVE 2015-7547
This week a serious vulnerability (CVE 2015-7547) was announced in the GNU C library installed on most popular Linux systems, which could enable a remote code execution attack. Software that makes use of the glibc DNS resolver...
September 04, 2015
Weave & CliQr: Improving Security and Portability of Container-Based Apps
Our friends over at CliQr recently blogged about integrating Weave Net with CliQr’s CloudCenter & Application-Defined Cloud Management Platform. What’s particularly interesting about this case is the portability of Weave Net,...