Static Code Analysis is an important aspect of releasing secure code as part of our pipelines. SonarQube Community is one of the most popular scanning tools out there to assist with this task.

As part of this blog, I intend to document the procedure to deploy SonarQube 8.9 (latest as of June 2021) in a Kubernetes 1.20 environment.

We will be using an external PostgreSQL 9.6 database to serve as the backend for SonarQube.

PostgreSQL 9.6 installation

I will be using a CentOS 7.9 VM to host my PostgreSQL 9.6, …


Releasing a new application version into production is perhaps one of the most anxiety-filled activities that developers and operators have to go through.

Blue/Green deployments look to minimise the risks involved with this exercise by running both the old (let’s call it v1) and new (let’s call it v2) versions of our application in identical environments.

We are looking to split the traffic between our two application versions following certain criteria. This could be just a 90–10% traffic destination rule, or something a bit more complex like sending low priority requests to the green environment to test…


“Security is a perception… what is considered safe for one entity may not be considered safe for others.”

I still remember those opening words from our Security and Cryptography teacher when I was doing my undergraduate studies in computer science about 20 years ago.

That definition still stands today, even with the ever-changing IT landscape.

When it comes to container security, one of the first things that comes to mind for most Kubernetes admins and developers is Clair — the Open Source image scanning project by CoreOS.

Clair is currently used by popular container registries, the likes of…


Kubernetes adoption is on a steep rise, with organizations looking to empower their development teams to meet aggressive release deadlines by leveraging the might of container orchestration.

Security is more often than not an afterthought, especially when the core focus of our team is delivering functional software in a short time frame.

Luckily, there are enough tools at our disposal to help us make sure that the end result of our delivery pipeline is an application workload running on top of a container image that has been scanned for vulnerabilities.

The diagram below shows a typical pipeline that…

Alex Tesch

Chief Solution Architect at HPE who enjoys automating all things possible. Always on the lookout for new building blocks for the ultimate CI/CD pipeline.
