What new security practices or tools have you implemented to address challenges related to microservices or serverless computing?

Security & GRC Security Strategy & Roadmap

1.5k views4 Comments

Sort by:

CIO/CISO in Healthcare and Biotech4 months ago

In addition to major players, there are Kubernetes-specific security solutions like Rad Security that delve into attack surface management for microservices and serverless computing. Identity management also plays a crucial role in this security landscape.

Field CISO in IT Services4 months ago

For microservices and serverless computing, which is primarily cloud-based, we utilize CNAPP for cloud workload protection. This includes scanning and making sure that serverless code permissions are practical and limited to necessary access. We carefully monitor and restrict access boundaries within our cloud environments.

Director of Information Security4 months ago

Our focus is on API security, utilizing tools like Salt Security to keep our APIs protected. We also prioritize container security by regularly scanning containers and maintaining updated golden images for secure computing needs. We also employ various CI/CD pipeline tools to integrate security throughout the lifecycle, adopting a shift-left strategy to proactively address security concerns. This includes code scanning and monitoring deployments for comprehensive security.

1 Reply

no title4 months ago

While I can't discuss specific tools, our approach is similar to your organization’s. We aim to secure the entire lifecycle of serverless applications, focusing on architecture, visibility, and continuous monitoring. Inline scanning and other security measures are integral to our strategy.

Content you might like

Which cybersecurity metrics do you currently use with your board?

How confident are you in letting AI agents take autonomous actions after a SIEM or XDR alert?
Are you using them today? If not, what’s holding you back?

Are CISA's current recommendations for preventing Maui ransomware attacks sufficient?

Yes, if followed correctly.39%

Unsure38%

No, there is still a significant risk.19%

Other (please tell us in the comments)3%

View Results

What do you do to recover quickly from early missteps in a new role? How can you keep initial mistakes from coloring perceptions when you’re still trying to establish your reputation at a new organization?

What is your overall attitude towards Edge Computing?

I am a huge fan of this technology20%

I find this technology very useful, yet have some slight doubts64%

I have quite a few doubts about this technology12%

I am not a fan of this technology at all2%

View Results

What new security practices or tools have you implemented to address challenges related to microservices or serverless computing?

Sort by:

Content you might like

Which cybersecurity metrics do you currently use with your board?

How confident are you in letting AI agents take autonomous actions after a SIEM or XDR alert?
Are you using them today? If not, what’s holding you back?

Are CISA's current recommendations for preventing Maui ransomware attacks sufficient?

What do you do to recover quickly from early missteps in a new role? How can you keep initial mistakes from coloring perceptions when you’re still trying to establish your reputation at a new organization?

What is your overall attitude towards Edge Computing?

What sets us apart?

RELATED ONE-MINUTE INSIGHTS

How are U.S. CISOs Addressing Liability Risk?

CrowdStrike Outage: Impact And Recovery

Impact & Perceptions of A Privacy-First Digital Era

Challenges & Tools For A Privacy-First Internet Age

IT and Infosec Collaboration on Vulnerability Patching

Take Your Insights On-the-Go

What new security practices or tools have you implemented to address challenges related to microservices or serverless computing?

Sort by:

Content you might like

Which cybersecurity metrics do you currently use with your board?

How confident are you in letting AI agents take autonomous actions after a SIEM or XDR alert?Are you using them today? If not, what’s holding you back?

Are CISA's current recommendations for preventing Maui ransomware attacks sufficient?

What do you do to recover quickly from early missteps in a new role? How can you keep initial mistakes from coloring perceptions when you’re still trying to establish your reputation at a new organization?

What is your overall attitude towards Edge Computing?

What sets us apart?

RELATED ONE-MINUTE INSIGHTS

How are U.S. CISOs Addressing Liability Risk?

CrowdStrike Outage: Impact And Recovery

Impact & Perceptions of A Privacy-First Digital Era

Challenges & Tools For A Privacy-First Internet Age

IT and Infosec Collaboration on Vulnerability Patching

Take Your Insights On-the-Go

How confident are you in letting AI agents take autonomous actions after a SIEM or XDR alert?
Are you using them today? If not, what’s holding you back?