Enforcing security and compliance requirements in modern cloud-native pipelines can be a challenge. The increased attack surface of container infrastructures makes security even more important, but security and DevOps teams can’t afford to slow the pipeline with manual processes.
It takes a broad array of cloud-native security capabilities to successfully integrate security into the CI/ CD pipeline. Run- time security without vulnerability and compliance management in the pipeline will increase the risk of damaging attacks penetrating the production environment.
This guide discusses security issues facing DevOps and security teams and identifies 10 integration points where container security can be automated into the pipeline.