Security
Zero Standing Privileges in Production EnvironmentsIn this demo, VP R&D Ori Mankali gives us a look into a simple application that uses GitLab in which he builds and deploys a Docker image to Docker Hub and uses that to pull the application, which is running on Amazon EKS. The demo will show the initial state of the application and then […]
Security
Why All Organizations Benefit From Centralized Secrets ManagementToday, the surge of automation and containerization can be found in organizations of all sizes. No matter which industry, hybrid multicloud workloads that operate within agile DevOps environments are now central to maintaining a competitive edge, creating great end-user experiences, and increasing employee efficiency. On the other side of the coin, these organizations also still […]
Security
DevSec For Scale Podcast Ep 1: Startup Security Best PracticesThe DevSec For Scale Podcast and Meetup have arrived! We have a single mission with this community: “Making security a first-class citizen in young and growing companies.” Our first podcast guest is one of our good friends, Dr. Chase Cunningham. Chase has been a great asset as an Advisory Board member and was also a […]
This post was written based on the work of Fahmy Khadiri, Technical Sales Account Manager at Akeyless, in his voice. Introduction In this blog post, I’ll be walking you through Kubernetes authentication and secrets injection using native Kubernetes constructs and the Akeyless Secrets Injection Webhook to fetch secrets from Akeyless Vaultless® Platform into your Kubernetes […]
DevOps
Securing Privileged User Accounts with Rotated SecretsOverview One of the most sensitive secrets in your organization is without a doubt the credentials for your superuser accounts. These accounts, such as the root account for a Linux server, the Administrator account for a Windows server, or the Admin accounts for a network device, have virtually unlimited privileges. Anyone with the credentials for […]
Security
Adapting Identities and Secrets To The Changing State of CybersecurityAkeyless was honored to have former NSA Director, Admiral Mike Rogers, open the sessions at KeyConf NYC’21. In his impressive career, Admiral Rogers held key positions around the globe, focusing on cyber, intelligence, and national security. From his expert vantage point, he presented his insights on the current state of cybersecurity, and what organizations need […]
Security
How to Win at Zero TrustThe recent KeyConf NYC’21 event featured a very interesting session, presented by none other than former Forrester analyst, Dr. Zero Trust, Dr. Chase Cunningham. He showed the audience how Zero Trust is sometimes overthought and when you apply the most important and fundamental Zero Trust steps, you start winning at security, in big numbers. Zero […]
News | Security
The Log4j VulnerabilityExecutive summary: The Akeyless Vaultless® Platform is not impacted by the log4j vulnerability Recently, a zero-day vulnerability (CVE-2021-44228) was discovered in the popular Apache Log4j logging library, which could allow an attacker full remote code execution. Many enterprise apps and cloud services use this common logging library. Apache has since released a security update and […]
DevOps
Akeyless Kubernetes External KMS Plugin for Secrets EncryptionTL;DR Akeyless added support for Kubernetes data encryption at rest, and is now available for use in your own Kubernetes cluster! Check it out here! First Things First: Some Context Kubernetes, as an infrastructure management solution, allows the creation of various resources, including Pods (servers), Persistent Volumes (storage), Services (load balancers), and others. You can […]
News
Looking back at KeyConf NYC’21Our very first KeyConf event came to an end here in New York City, and it was a blast! After a day filled with valuable insights from leading security professionals, KeyConf marks a phenomenal year for Akeyless. Co-founder and CEO Oded Hareven shared on stage: “We’re excited about the traction we’ve seen and the number […]
News
KeyConf 2021 Is Here! Secrets Management ReimaginedModern enterprises need to be increasingly dynamic to keep their competitive advantage. They now have many teams using workloads and data to support their DevOps, Cloud Transformation, and Zero Trust Access initiatives. And all these workloads, users, and tools use secrets to communicate securely. It is clear that the increase in secrets usage has gone […]
Security
Redefining Root of Trust For The Cloud Era (Part 2)Cloud computing has brought irreversible changes and improvements to the way we share information and conduct business. However, it has also introduced new cybersecurity threats, that if left unaddressed, can result in irreversible damage to a company’s reputation and position in the market. Encryption has been used as a primary defense against data theft, whether […]
