Posts under Devops

Image - Containers, security, and compliance in the financial sector: putting it all together

Containers, security, and compliance in the financial sector: putting it all together

Since day one at StackRox, three years ago, we’ve made it a point to meet regularly with CISOs from top banks and other global 2000 companies. The focus of these discussions was on how we might expedite the adoption of containers, and improve the process of maintaining better security and regulatory compliance. Over the course of these many conversations, I’ve found that there are some important ideas worth sharing broadly, though they’re likely most interesting to IT and security leaders in the financial world, where both competitive and regulatory pressures are very high.

Image - How containers and DevOps could have left Equifax’s attackers empty-handed

How containers and DevOps could have left Equifax’s attackers empty-handed

By now, details of the massive Equifax breach that saw 143 million personal records compromised has made its way around the global news, as well as the broader security and enterprise IT communities. Within these circles, you can bet that anyone responsible for resolving application vulnerabilities is worried about becoming the next headline. There’s little argument that patching applications is a big deal; both in terms of criticality to the organization’s security posture, and in terms of the onerous process it can be when performed in traditional application environments.