Security and DevSecOps. Container Security


Authentication and Authorization

Quality Gates

16 Gates

  • medium: Focusing on the DevOps Pipeline 🌟 Delivering High Quality Working Software Faster with Agile DevOps. At Capital One, we design pipelines using the concept of the “16 Gates”. These are our guiding design principles and they are:
    • Source code version control
    • Optimum branching strategy
    • Static analysis
    • More than 80% code coverage
    • Vulnerability scan
    • Open source scan
    • Artifact version control
    • Auto provisioning
    • Immutable servers
    • Integration testing
    • Performance testing
    • Build deploy testing automated for every commit
    • Automated rollback
    • Automated change order
    • Zero downtime release
    • Feature toggle
  • 🌟 CapitalOne DevOps Dashboard

Kubernetes Threat Modelling

Kubernetes Config Security Threats

Security Linting on Kubernetes

IaC and Security

Multi-Level Security (MLS) vs Multi-Category Security (MCS). Make Secure Pipelines with Podman and Containers

Project Calico

Security Patterns for Microservice Architectures

Anchore Container Security Solutions for DevSecOps

Twistlock and Threat Stack Container Security



Secure Container Based CI/CD Workflows. Vulnerability Scanner for Container Images

Securing Kubernetes With Anchore


GitHub security

Databases in DMZ and Intranet

Removing Credentials From Git Repo


SQL Injection

Credential Managers


Git Credential Manager Core

Secrets Management

Store private data in git repo

HashiCorp Vault

Azure Key Vault to Kubernetes akv2k8s

  • 🌟 Azure Key Vault to Kubernetes (akv2k8s) makes Azure Key Vault secrets, certificates and keys available in Kubernetes and/or your application - in a simple and secure way

CyberArk and Ansible

CyberArk Conjur

SOPS for Kubernetes

Alternatives with Kubernetes External Secrets

Serverless Security Best Practices

Docker Images & Container Security

Pod Security Policies

Kubernetes Network Policies

Static Analysis SAST

Kubernetes Security Tools

Helm Charts Security

Password Recovery

Attacks on Kubernetes via Misconfigured Argo Workflows




More Security Tools