OpenClarity: A Community-Led Approach to Cloud-Native Application Security

By: Tim Miller
Oct 27 2022

Developing decentralized applications is simultaneously freeing and scary. The freedom comes from being able to develop, release, and upgrade application components without being bound by a huge, monolithic release cycle. And if something goes wrong...

FunctionClarity: The Key to Secure Serverless Computing

By: Tim Miller
Oct 27 2022

Serverless computing frees developers to focus on developing and deploying cloud-native features and services faster, without having to manage infrastructure. Untethered from platform and operating-system management, these functions allow developers...

Speed Versus Security: Tackling the “Developer’s Dilemma”

By: Rami H.
Sep 19 2022

Today’s developer just can’t win. It’s a continuous tug of war between business objectives—the boss who wants releases “faster, faster, faster!” and the security team, who keeps halting releases because of insecure code—with the develo...

Securing Serverless Applications Against the Most Critical Risks

By: Sarabjeet Chugh
Sep 19 2022

If you’re a developer working in a cloud environment, there’s a good chance that you’ve either started thinking about serverless computing or have already started to deploy it. And why not? Unlike VMs or container clusters, serverless function...

Seeing the Unseen: Gaining Visibility into API Payload Encryption

By: Alessandro Duminuco
Jun 7 2022

When it comes to API security, end-to-end encryption presents something of a paradox. On one hand, encryption secures the data that is exchanged during transactions. This is, of course, a good thing. But there’s a drawback: When you use end-...

Introducing Panoptica, The Cisco Secure Application Cloud

By: Rich Gold
May 19 2022

Enabling DevSecops for cloud native applications through security automation “From the acquisition of Portshift, the Cisco Emerging Technology and Incubation team has been on a mission to enable secure software development for cl...

5 Real-World API Security Breaches from 2021

By: Ran Ilany
Apr 14 2022

It’s no exaggeration to say that, when it comes to API security, there are a lot of challenges. Not only are attacks that exploit vulnerabilities in APIs on the rise, but there is good reason to believe that API vulnerabilities will be am...

Securing API Calls in Kubernetes, a simple and effective Approach

By: Alessandro Duminuco
Apr 13 2022

Historically, API authentication methods have involved a tradeoff between security and convenience. Today, with cloud native applications and Kubernetes, there are several options, but security tradeoffs remain: You could hardcode credentials, wh...

The 3 Pillars of API Security: Visibility, Risk Scoring & Enforcement

By: Alessandro Duminuco
Oct 20 2021

You can’t secure what you can’t see. APIs are no exception. Whether your application uses internal APIs to manage interactions between microservices, external APIs to integrate with third-party services, or both, you need to be able to visual...

Internal vs. External API Security: What to Know

By: Peter Bosch
Oct 6 2021

Every API falls into one of two categories: Internal or external. External APIs are APIs that developers use to integrate their applications with a third-party resource, such as a public cloud service or a SaaS application. This type of API is pr...