While doing some work on Trow, our image management solution for Kubernetes, we discovered how easy new tooling makes it to produce container images for multiple architectures. This post will show how...

If you’ve got something valuable, you can pretty much guarantee that someone will be looking to carry out unauthorised activities around it, and cloud workloads are exposed to just as many security ri...

If you Google “DevSecOps”, and in particular if you read the typical security vendor blogs, you’d be forgiven for thinking that the term is all about automation and tooling. However, in much the same ...

When the White House says something is a threat, many people’s first reaction is to work out precisely what it is that the president and his aides are really trying to distract us from.

We can get overly obsessed with uptime. We can actually set service level objectives (SLOs) too high. If we zero in on five-nines across the board, we risk compromising our teammates’ ability to innov...

In this tutorial, the last in our series on the External Secrets project, we will configure Azure KeyVault in order to have a safe way to access secrets, and then configure External-Secrets to fetch i...

The pandemic accelerated the economic transition to digital-native services and products. Across industries and categories, organisations aspired to scale their development performance in the face of ...

A few years ago, I managed a user-experience designer who excelled at design but was wholly unfamiliar with the user end of cybersecurity software. It mystified him why I would overrule a straightforw...

Last year was a lot of things. Among them, 2021 was the year of cybersecurity threats. And this year seems on track to top it. The question is becoming not if, or when, but who. Who exactly is respons...