Twistlock Rethinks the Developer Pipeline for Securing Hyperscale Applications – InApps is an article under the topic Devops Many of you are most interested in today !! Today, let’s InApps.net learn Twistlock Rethinks the Developer Pipeline for Securing Hyperscale Applications – InApps in today’s post !
Read more about Twistlock Rethinks the Developer Pipeline for Securing Hyperscale Applications – InApps at Wikipedia
Also available on Apple Podcasts, Google Podcasts, Overcast, PlayerFM, Pocket Casts, Spotify, Stitcher, TuneIn
In the chain of events that defines the modern evolutionary path of the application — a path that now includes microservices, persistent containers, orchestrators, monitors, and “kubelets” — when does the security part begin? We’ve talked in recent years about “baking security into” applications. But now that hyperscale applications are becoming, by definition, aggregates of correlated functions, there’s no longer a single “baking” process, if you will.
So the issue of containerization security shifts back to where it began in 2014, with the question of whether a secure system can compensate for insecure communication.
“There’s a lot more responsibility that’s on the developer, or at least in the developer’s workflow, to secure that application,” said John Morello, chief technology officer for container security platform provider Twistlock, speaking on this latest episode of InApps Makers podcast, in an interview done for our upcoming eBook, “The State of the Kubernetes Ecosystem.”
Because unlike that world of [virtual machines] in which you may deploy WordPress out there one day, and then your operations team is going to scan that environment with Nessus or Qualys or a tool such as that, and find some vulnerabilities, then SSH into that VM and update the components in that VM… in the new world of containers, your developers need to know that, because your developers need to recreate the images that are vulnerable. And then they need to deploy those new images to replace whatever’s out there.”
In This Edition:
2:20: How the components of distributed systems should interact with users and each other.
5:08: Making sure the right people are integrated into the process at the right time.
9:24: What has to change for an organization that has adopted a CI/CD infrastructure?
18:12: The reality of operational tools and practices used when securing containers.
21:19: The process of developing non-vulnerable code from the very beginning and enforcing better communication in code.
23:39: Is there anything Kubernetes needs to do to facilitate a stronger security landscape?
Twistlock is a sponsor of InApps.
Let’s create the next big thing together!
Coming together is a beginning. Keeping together is progress. Working together is success.