Progress announced the early-access release of Progress® MarkLogic® Server 12.
2020 Predictions from StackRox
January 21, 2020
The following are 2020 predictions from StackRox:
Orchestration Consolidates around Kubernetes
A lot of companies have gone down the path of DevOps, building and using containers and microservices. As a result, workloads are getting more complex, and companies are getting a much better sense of the functionality they need from the container ecosystem. The Kubernetes ecosystem is very rich, and as more companies find value in using Kubernetes as a container orchestrator, they will adopt more solutions in the ecosystem. These advances mean we'll see increasingly complex workloads running in Kubernetes.
We're seeing a pattern where different types of workloads are becoming possible because of Kubernetes. This proliferation is particularly true among companies building SaaS solutions — these applications are data heavy and very complex. These applications also lend themselves well to wider adoption of service mesh.
Kubernetes use cases move towards operationalization safety
To date, the most standard use cases for Kubernetes security across all organizations are visibility and configuration management. These use cases dominate when deployments are still early. As organizations scale and mature their deployments, the security use cases will evolve and grow as well.
What's interesting is how organizations of a certain profile are more advanced in their deployments. In some industries, such as healthcare, startups tend to be more advanced than established businesses.
Companies that are in transition are also likely to adopt Kubernetes more aggressively. Organizations such as Sony and Disney are rebuilding streaming services using Kubernetes, because they want to move as fast and offer services as quickly as companies such as Netflix. So sometimes Kubernetes adoption is tied to getting a leg up on innovation, and other times it's a matter of survival.
While the initial adoption of Kubernetes has to do largely with enabling business innovation, the technology offers powerful opportunities to build security directly into the development process. Developers are realizing that if security isn't built in, they will suffer from undetected vulnerabilities, misconfigurations, or other factors out of their control. Security is increasingly part of the developer's consciousness — it's becoming an integral part of running services and applications safely for optimal business value.
Service Mesh Comes into Its Own
While service mesh technology is in its early stages in comparison to Kubernetes, we're starting to see new requirements for how service mesh tools are going to be used. As customer deployments of service mesh technologies get more complex, the applications it supports will increase in complexity and criticality.
The general progression of microservices deployments is that you lock down your CI/CD, continuously conduct image scanning, and then harden your deployment process. Then you put the services into runtime and segment your network. You get more sophisticated as you move up the stack and incorporate additional controls and visibility into the application.
That last piece is what service mesh provides, and from a productization and application perspective, the evolution of service meshes is still unclear, since — unlike with k8s — no clear winner has emerged. The needs for observability, tracing and application-level controls using policies and routing are clear — however we have yet to see which technology emerges as the dominant player.
Security as Code Translates Security to Safety
The concepts of security and safety are often conflated. But the difference is the same as the difference between walls and doors. Treating both infrastructure and security as code allows security to move from being probabilistic to deterministic; DevSecOps teams can use the declarative nature of Kubernetes and microservices to automate processes that can scale.
The fact is, you have to build security into development for automation because you're dealing with so much data, so many users, highly distributed infrastructure, and much larger scale. You can't just keep adding firewalls and agents and point solutions in the way security teams are used to. To transition security into safety, you have to bake it in to the entire process.
Industry News
September 05, 2024
September 05, 2024
Red Hat announced the general availability of Red Hat Enterprise Linux (RHEL) AI across the hybrid cloud.
September 05, 2024
Jitterbit announced its unified AI-infused, low-code Harmony platform.
September 05, 2024
Akuity announced the launch of KubeVision, a feature within the Akuity Platform.
September 05, 2024
Couchbase announced Capella Free Tier, a free developer environment designed to empower developers to evaluate and explore products and test new features without time constraints.
September 04, 2024
Amazon Web Services, Inc. (AWS), an Amazon.com, Inc. company, announced the general availability of AWS Parallel Computing Service, a new managed service that helps customers easily set up and manage high performance computing (HPC) clusters so they can run scientific and engineering workloads at virtually any scale on AWS.
September 04, 2024
Dell Technologies and Red Hat are bringing Red Hat Enterprise Linux AI (RHEL AI), a foundation model platform built on an AI-optimized operating system that enables users to more seamlessly develop, test and deploy artificial intelligence (AI) and generative AI (gen AI) models, to Dell PowerEdge servers.
September 04, 2024
Couchbase announced that Couchbase Mobile is generally available with vector search, which makes it possible for customers to offer similarity and hybrid search in their applications on mobile and at the edge.
September 04, 2024
Seekr announced the launch of SeekrFlow as a complete end-to-end AI platform for training, validating, deploying, and scaling trusted enterprise AI applications through an intuitive and simple to use web user interface (UI).
September 03, 2024
Check Point® Software Technologies Ltd. unveiled its innovative Portal designed for both managed security service providers (MSSPs) and distributors.
September 03, 2024
Couchbase officially launched Capella™ Columnar on AWS, which helps organizations streamline the development of adaptive applications by enabling real-time data analysis alongside operational workloads within a single database platform.
September 03, 2024
Mend.io unveiled the Mend AppSec Platform, a solution designed to help businesses transform application security programs into proactive programs that reduce application risk.
September 03, 2024
Elastic announced that it is adding the GNU Affero General Public License v3 (AGPL) as an option for users to license the free part of the Elasticsearch and Kibana source code that is available under Server Side Public License 1.0 (SSPL 1.0) and Elastic License 2.0 (ELv2).
August 29, 2024
Progress announced the latest release of Progress® Semaphore™, its metadata management and semantic AI platform.
August 29, 2024
Elastic, the Search AI Company, announced the Elasticsearch Open Inference API now integrates with Anthropic, providing developers with seamless access to Anthropic’s Claude, including Claude 3.5 Sonnet, Claude 3 Haiku and Claude 3 Opus, directly from their Anthropic account.
