BoxBoat Blog

Service updates, customer stories, and tips and tricks for effective DevOps

x ?

Get Hands-On Experience with BoxBoat's Cloud Native Academy

Category: Security

What is Zero Trust Security and how can it Protect your Organization?


by Tim Hohman | Thursday, May 14, 2020 | Security Kubernetes

I allocate a fair amount of time tracking emerging software projects and watching which solutions/companies I think might successfully meet enterprise needs. Lately, based upon discussions with Boxboat’s engineers and customers, I’ve heard more about the promise of Zero Trust architectures. What is Zero Trust Security? Zero Trust security is a rigorous approach to security focused on identifying roles to secure access, rather than a single perimeter. At BoxBoat, we believe Zero Trust should be an integral part of any digital transformation strategy as traditional security architectures seem unable to adequately address modern cyber attacks.

Open Source CVE Scanner Round-Up: Clair vs Anchore vs Trivy


by David Widen | Friday, Apr 24, 2020 | Docker Security

As packaging applications inside Docker images becomes ubiquitous, more organizations are investing in hardening their Docker images. After you've run your application code through static and dynamic analysis tools, organizations typically leverage a CVE image scanner installed in their Docker registry. This allows you to identify known CVEs before containers are deployed, reducing your risk profile. There are many vendors that provide CVE scanning tools for Docker images. Unfortunately, they don't all catch every single CVE.

Secure Your Enterprise Software With Docker Datacenter


by David Widen | Friday, Apr 7, 2017 | Docker Security

Deploying enterprise applications is very different today than it was even a few years ago. Organizations have migrated away from large, monolithic legacy applications towards distributed microservices. This paradigm shift not only complicates orchestration and deployment, but makes securing your applications both more complex and challenging. Securing these distributed microservices is of paramount importance. Every week, there is a new article about how another company was hacked and lost sensitive data to the detriment of their bottom line.