Cloud-Native

I’ll start with a premise for those who may not already be familiar: the open-source software ecosystem often revolves around foundations, with the most famous probably being the Linux Foundation. In the cloud-native domain, the reference foundation is the Cloud Native Computing Foundation, commonly known as CNCF. CNCF is a foundation created by the Linux Foundation in 2015, specifically to manage projects in the cloud-native domain. In simple terms, it can be defined as a third-party, vendor-neutral entity that oversees the development and activities related to major projects involving containerized technologies like Kubernetes. ...

During the past few weeks, I have described what a secrets manager is and provided an overview of the architecture and system requirements of CyberArk Conjur. A secrets manager can’t do its job if it can’t communicate with those who need to request secrets, and that’s where Conjur’s magic comes in! The “authenticators” are responsible for the authentication process in Conjur and are specialized to do this in the most secure way, depending on the service. Here is the list of authenticators currently supported: ...

Security is always a complex topic to address, as an error or omission in processes can lead to serious economic or reputational damage for a company. When we talk about “secrets,” consider the following examples: Usernames Database passwords SSL certificates and keys SSH keys Cloud credentials Simply reading through this list helps to explain why this topic needs to be considered and handled carefully. Some common bad practices or risks include: ...