cloud-native
Safeguard articles tagged "cloud-native" — guides, analysis, and best practices for software supply chain and application security.
10 articles
Cloud-Native Application Security: Securing the Full Stack in 2026
Cloud-native apps spread risk across code, containers, and infrastructure-as-code. This guide maps the full attack surface and a layered strategy to secure all of it.
Designing Least-Privilege Kubernetes RBAC: A Practical Guide
CVE-2018-1002105 (CVSS 9.8) let an unauthenticated request reach cluster-admin through pod exec endpoints — most RBAC breaches since trace back to the same handful of over-broad bindings.
Container Security for Beginners: Keeping Your Docker Images Safe
Containers made shipping software wonderfully simple, but they also package up whatever risks come along for the ride. Here is a beginner-friendly introduction with a first image scan you can run today.
KubeCon NA 2025: Supply Chain Security Themes
KubeCon + CloudNativeCon NA 2025 put supply chain security at the center of the cloud-native conversation. Here is what mattered for platform teams.
CNCF Supply Chain Security Best Practices v2: What Changed
CNCF TAG Security shipped the v2 Supply Chain Security paper in 2025, mainstreaming SBOMs, signed attestations, and zero-trust workload identity. We walk through the practical guidance.
Runtime Threat Detection in Cloud-Native Environments
Static analysis catches known vulnerabilities. Runtime detection catches exploitation. Here is how to implement runtime threat detection for containerized workloads.
Kubernetes 1.31 Security Improvements: What You Need to Know
Kubernetes 1.31 'Elli' shipped in August 2024 with significant security improvements including AppArmor GA support, refined pod security controls, and better secret management.
CNCF Project Security Audits: What They Find and Why They Matter
The Cloud Native Computing Foundation funds independent security audits for its projects. The findings reveal patterns that every cloud native adopter should understand.
Aqua Security Platform Review: Cloud Native Security Done Right
An in-depth review of the Aqua Security platform covering container security, runtime protection, Kubernetes scanning, and how it fits into a modern DevSecOps workflow.
Cloud-Native SBOM Generation Strategies That Actually Work
Practical strategies for generating and managing Software Bills of Materials in cloud-native environments, beyond the compliance checkbox.