Devtron's integrated security scanning automatically checks every pipeline stage—from code commits to container builds—blocking supply chain attacks, secret leaks & vulnerable dependencies without slowing deployments. Get built-in protection for your CI/CD workflow.
Security
A quick guide to handling secrets in CI/CD, ensuring secure and efficient software delivery without exposing sensitive information.
Learn how to integrate security scanning into your CI/CD pipeline to identify vulnerabilities early, automate security checks, and ensure secure software delivery throughout your development process.
Critical Kubernetes Ingress NGINX vulnerabilities expose clusters to remote code execution and secret exposure. An immediate upgrade to version 1.12.1 or 1.11.5 is recommended. Verify your installation and implement strict network policies.
TL;DR: Securing sensitive data has become very important in the modern world. Using Kubernetes secrets might not be the best option for managing your secret keys. This article walks you through Microsoft Azure's Key Vault and how you can use it for managing Kubernetes secrets.
Detect and fix common container vulnerabilities to secure your applications using Devtron's comprehensive management and scanning capabilities
TL;DR In the dynamic world of cloud-native, Kubernetes stands as an undisputed leader in the space of container orchestration. This article explores how to secure your Kubernetes environment using Single Sign-On (SSO) and Resource-Based Access Control (RBAC).
TL;DR: Running Kubernetes on production and securing is one of the most important aspect. In this blog, author talks about 11 common misconfigurations that needs to be avoided for maintaining operational stability.