LambdaTest announced its partnership with Assembla, a cloud-based platform for version control and project management.
Cloud Workload Security - Improving Practices for Deployment and Run-Time
May 10, 2022
DevOps is considered green when it comes to security practices. Developers are generally focused on the performance and deployment of solutions, rather than their protection. As cloud workload security (CWS) advances from deployment, to mainstream adoption, to run-time optimization, there are certain steps that DevOps teams need to implement to ensure they're properly protecting their projects.
Below, find three critical steps for DevOps teams to improve their CWS protections for application deployment and run-time.
Ensure a proper assessment
The first step to implementing proper security measures to DevOps pipelines is to make sure a proper assessment is performed. It's critical for an organization to understand the risks associated with migration and cloud solution provider infrastructure. This assessment requires DevOps teams to ask multiple questions.
First, what is the shared responsibility of this project?
Consider all parties who will be utilizing this solution and who has a hand in keeping it running once live.
Second, which controls can be used with the current infrastructure, and which ones do you have to implement?
Once a CWS initiative is in active run-time, take note of the security capabilities you are able to immediately implement, and which safeguards are still missing.
Lastly, which security controls are in line with risk management?
Once your initial assessment is complete, make sure that you are allocating adequate security controls to align with risk management initiatives. By performing this assessment, security teams and DevOps developers alike are able to better protect against cyberattacks before and during deployment-especially important in the modern DevOps environment.
Recognize the cybercriminal draw to cloud infrastructure environments
In the current DevOps landscape, there are a number of reasons cybercriminals are shifting attacks to virtualized, and more specifically Linux environments. First, because more than 80 percent of workloads(link is external) that reside in the cloud/hybrid cloud (both servers and containers) environments run on Linux-based distributions.
Why is this the case?
They're more efficient, easier to manage, they consume less resources, and at their core, they're purpose-built to serve a specific goal. This means that they're more generically built and formulaic, making it easier for cybercriminals to mimic an environment.
Second, Linux-based workloads are the most overlooked across the board in any infrastructure- many believe that because it is open sourced, they're not responsible for securing Linux.
Lastly, most distributions are housed in the open-source realm meaning there's no real commitment to provide security updates and patches, deeming them vulnerable by nature. When deploying a solution on a Linux/open-source environment, DevOps teams should be hyper-aware of the security risks and what this type of environment will mean for security purposes in the long run.
Steps for protecting and deploying container-based applications
With this information in mind, there are key steps for building and deploying more secure virtualized environments. When developing a DevOps initiative, make sure that security is leveraged as part of every stage of the deployment pipeline.
It's important to consider capabilities, such as managed detection and response (MDR) and extended detection and response (XDR), as part of the assessment process during pre-deployment to proactively assess threats, misconfigurations, and vulnerabilities.
Next, when your containers are ready for run-time, make sure you have safeguards for run-time protection. You can build container environments with protections, but without actual run-time protection, those containers remain vulnerable during a successful breach.
Understand that you're responsible for the data that your applications process within the cloud, whether it's owned or not. Once other users adopt your technology, securing the hosted data becomes a shared responsibility.
Each one of these steps will ensure more trustworthy, user-friendly environments.
Conclusion
Remember that security controls by themselves are just a piece of technology. Security controls, in an ideal setting, should be in line with processes and product development. Gearing up for deployment should not mean sacrificing security controls to deploy faster or more efficiently.
Additionally, the DevOps engineers behind these controls must be able to understand the technology, the protocols, and the risks- plus how to effectively take advantage of these technologies to use them to their full potential. By understanding how to protect DevOps initiatives to their fullest, dev teams will ultimately build better, security hardened, container environments.
Industry News
June 03, 2025
Salt Security unveiled Salt Illuminate, a platform that redefines how organizations adopt API security.
June 03, 2025
Workday announced a new unified, AI developer toolset to bring the power of Workday Illuminate directly into the hands of customer and partner developers, enabling them to easily customize and connect AI apps and agents on the Workday platform.
June 02, 2025
Pegasystems introduced Pega Agentic Process Fabric™, a service that orchestrates all AI agents and systems across an open agentic network for more reliable and accurate automation.
June 02, 2025
Fivetran announced that its Connector SDK now supports custom connectors for any data source.
June 02, 2025
Copado announced that Copado Robotic Testing is available in AWS Marketplace, a digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on Amazon Web Services (AWS).
May 29, 2025
Check Point® Software Technologies Ltd.(link is external) announced major advancements to its family of Quantum Force Security Gateways(link is external).
May 29, 2025
Sauce Labs announced the general availability of iOS 18 testing on its Virtual Device Cloud (VDC).
May 29, 2025
Infragistics announced the launch of Infragistics Ultimate 25.1, the company's flagship UX and UI product.
May 29, 2025
CIQ announced the creation of its Open Source Program Office (OSPO).
May 28, 2025
Check Point® Software Technologies Ltd.(link is external) announced the launch of its next generation Quantum(link is external) Smart-1 Management Appliances, delivering 2X increase in managed gateways and up to 70% higher log rate, with AI-powered security tools designed to meet the demands of hybrid enterprises.
May 28, 2025
Salesforce and Informatica have entered into an agreement for Salesforce to acquire Informatica.
May 28, 2025
Red Hat and Google Cloud announced an expanded collaboration to advance AI for enterprise applications by uniting Red Hat’s open source technologies with Google Cloud’s purpose-built infrastructure and Google’s family of open models, Gemma.
May 28, 2025
Mirantis announced Mirantis k0rdent Enterprise and Mirantis k0rdent Virtualization, unifying infrastructure for AI, containerized, and VM-based workloads through a Kubernetes-native model, streamlining operations for high-performance AI pipelines, modern microservices, and legacy applications alike.
May 28, 2025
Snyk launched the Snyk AI Trust Platform, an AI-native agentic platform specifically built to secure and govern software development in the AI Era.
