security

Zero trust policies for software releases could be key

Today’s integrated DevOps methodology offers businesses the promise of accelerating innovation by providing customers and employees with new application capabilities faster. However, this approach can also increase risks associated with cybercrime and the failure to comply with rapidly evolving privacy regulations. As a result, minimizing security risk during the development process is every bit as […]

Gopinath Rebala

December 8, 2022

OpsMx is now ISO 27001:2013 certified!

What is ISO 27001? The International Organization for Standardization (ISO), is an independent, international organization that sets the global standards for security and safety. In other words, ISO consults experts all over the world to create standards that define what excellence looks like. ISO 27001 is a part of the ISO 27000 family of standards, […]

Anushua Gorai

November 8, 2022

OpsMx Achieves SOC 2 Type II Compliance

Following our SOC 2 Type I report, OpsMx’s additional Type II report is the next step in our organization. In March (2022), OpsMx announced completion of SOC 2 Type I audit, a significant milestone in our support. It affirms OpsMx’s information security practices, policies, procedures, and operations, meets the SOC 2 standards for security, availability, processing integrity, […]

OpsMx

September 12, 2022

3 Best Practices for Securing and Hardening Open Source Spinnaker

What is driving the need for a secured and hardened OSS? Most organizations are adopting open-source software. But like other software, open source software (OSS) also comes with challenges. For instance, without a proper maintenance and security plan, any open source software is bound to become a liability. Still, organizations fail to address the gaps […]

Anushua Gorai

August 12, 2022

What is Zero Trust security and why is it necessary for a continuous delivery process?

Table of Contents What is Zero Trust? Zero Trust is a security model that enables the DevSecOps team to deal with vulnerabilities that have arisen with massive digital transformations like cloud adoption, decentralized infrastructure, and container technologies. Though these have enabled teams to deliver products and services efficiently, the traditional security models pose a massive […]

Jyoti Sahoo

January 5, 2022

Securing nginx ingress with LDAP

Introduction:  If we have Kubernetes hosted application, then if we want to secure it with LDAP protocols we have to follow the a few steps. Through this, only authorized users can have access to the host server or the application.  Although this blog is generic for any host server, but open source Spinnaker users will find […]

Gopal Jayanthi

August 4, 2021

How to setup SAML Authentication in Spinnaker using Okta

Introduction Security Assertion Markup Language (SAML) is a standard used for user login to different applications like Spinnaker,  based on their logged-in sessions used in another context. This single sign-on (SSO) login standard has significant advantages over logging in using a username/password: No need to type in credentials No need to remember and renew passwords No weak passwords The […]

Vamsi Krishna

June 30, 2021

What is DevSecOps and How to implement it using Spinnaker

OpsMx Enterprise for Spinnaker The DevSecOps Native Continuous Delivery Tool. Where Security is a Priority Get Free Trial What Does DevSecOps Stand For ? DevSecOps is an acronym for three words that are Development , Security and Operations. DevSecOps is a necessary evolution that ingrains security at every level and makes everyone accountable. What is […]

Gopinath Rebala

June 22, 2021

PODCAST: Securing Continuous Delivery using AI/ML

OpsMx brings you a fantastic podcast series outlining how one can secure continuous delivery using AI and ML. You can listen to the podcast here: The fireside chat, spanning across securing continuous delivery, happened between Funs Kessen, Principal Architect Security and Compliance ( earlier Principal Architect at AWS), and Gopal Dommety, Phd, CEO OpsMx.

Debasree Panda

April 16, 2021

Update expired security certificates used for mTLS authentication in Spinnaker

Background  The self-signed certs (certificates) for mutual TLS, used as a means of security and authentication for communication between Spinnaker microservices, are usually short-lived (maybe for three months) and expire after the specified period of time. If the mTLS certs are approaching expiry, these certs need to be updated to extend their expiry time. The cert-manager is […]

Manoj Ramurthy

February 27, 2021

Deploy Anywhere using the OpsMx Enterprise for Spinnaker Anywhere Agent

Enterprise’s adoption of containers has become mainstream, and Kubernetes is the default container management platform of choice across enterprises.  Spinnaker is now the leading multi-cloud, flexible continuous delivery tool of choice, and it is increasingly being used to automate Kubernetes applications deployments. However, Spinnaker’s default configuration does not support deployments into a different security domain. This […]

Balaji Sivasubramanian

February 10, 2021
1 2 3

Ship better software faster

Intelligent software delivery tools and services for Argo and Spinnaker

Need more info? Contact Sales