How Panoptica Secures GitOps to Protect CI/CD Pipeline Tools

By: Tomer Dvir
Jun 8 2022

If you work in software development or IT, you’ve likely heard about – and perhaps are even practicing – GitOps, the latest, greatest way to accelerate software delivery. GitOps uses Git, the version control system, to centralize and stan...

Seeing the Unseen: Gaining Visibility into API Payload Encryption

By: Alessandro Duminuco
Jun 7 2022

When it comes to API security, end-to-end encryption presents something of a paradox. On one hand, encryption secures the data that is exchanged during transactions. This is, of course, a good thing. But there’s a drawback: When you use end-...

Why Now Is the Time for CISOs to Embrace CNAPP for Cloud Native Security

By: Ran Ilany
Apr 20 2022

“Breaking down silos” is a common phrase in the world of DevOps and DevSecOps. Ironically, though, if you look at how many DevOps and DevSecOps cloud native security tools actually work, you realize that the tools used are very siloed. In...

5 Real-World API Security Breaches from 2021

By: Ran Ilany
Apr 14 2022

It’s no exaggeration to say that, when it comes to API security, there are a lot of challenges. Not only are attacks that exploit vulnerabilities in APIs on the rise, but there is good reason to believe that API vulnerabilities will be am...

Securing API Calls in Kubernetes, a simple and effective Approach

By: Alessandro Duminuco
Apr 13 2022

Historically, API authentication methods have involved a tradeoff between security and convenience. Today, with cloud native applications and Kubernetes, there are several options, but security tradeoffs remain: You could hardcode credentials, wh...

Automated Policy for developers using CI/CD (Terraform) tools

By: Tomer Dvir
Aug 16 2021

Automated Policy - Infrastructure as code is a core element of today’s CI/CD pipeline and led to the emergence of Continuous Configuration Automation (CCA) tools, such as Terraform, a leading declarative push CCA solution launched by HashiCorp in ...

Hardening Kubernetes Containers Security with Seccomp

By: Erez Fishimer
Aug 13 2021

Seccomps - An often overlooked way to harden Kubernetes containers’ security is by applying seccomp profiles. Customizing seccomp profiles, in effect, provides a deeply embedded line of defense that adds a layer of protection to your application i...