Red Hat announced jointly-engineered, integrated and supported images for Red Hat Enterprise Linux across Amazon Web Services (AWS), Google Cloud and Microsoft Azure.
While cloud providers offer many cloud native security features and services, supplementary third-party solutions are essential to achieve enterprise-grade cloud workload protection from breaches, data leaks, and targeted attacks in the cloud environment. The following are some industry best practices recommended:
1. Zero-trust cloud network security controls across logically isolated networks and micro-segments
Deploy business-critical resources and apps in logically isolated sections of the provider's cloud network, such as Virtual Private Clouds (AWS and Google) or vNET (Azure). Use subnets to micro-segment workloads from each other, with granular security policies at subnet gateways. Use dedicated WAN links in hybrid architectures and use static user-defined routing configurations to customize access to virtual devices, virtual networks and their gateways, and public IP addresses.
2. Shift your security left
Incorporate security and compliance protection early into the development lifecycle. With security checks integrated continuously into the deployment pipeline, rather than at the end, DevSecOps are able to find and fix security vulnerabilities early, accelerating an organization's time-to-market.
3. Keep code securely hygenic with vulnerability management
Set guardrails polices ensuring your deployment meets the corporate code hygiene policies. These policies will alert on deviation from the policy and can block deployments of non-compliant artifacts. Build remediation processes by alerting the development team on non- compliant artifacts with appropriate remediation.
Incorporate tools which provide the ability to explore vulnerabilities and SBOM (Software Bill of Materials) to quickly identify resources with critical vulnerabilities.
4. Avoid misconfiguration with continuous posture scanning
Cloud security vendors provide robust Cloud Security Posture Management, consistently applying governance and compliance rules to virtual servers. This helps to ensure they are configured to the best practices and properly segregated with access control rules.
5. Safeguarding all applications (and especially cloud-native distributed apps) with active prevention via IPS (Intrusion Prevention System) and next-generation web application firewall
Stop malicious traffic from reaching your web application servers. It automatically updates WAF rules in response to traffic behavior changes and is deployed closer to microservices that are running workloads.
6. Enhanced data protection with multi-layers
Enhanced data protection with encryption at all transport layers, secured file shares and communications, continuous compliance risk management, and maintaining good data storage resource hygiene such as detecting misconfigured buckets and terminating orphan resources will provide that additional security layer for an organization's cloud landscape.
7. Threat intelligence that detects and remediates known and unknown threats in real-time
Third-party cloud security vendors add context to the large and diverse streams of cloud-native logs by intelligently cross-referencing aggregated log data with internal data such as asset and configuration management systems, vulnerability scanners, etc. and external data such as public threat intelligence feeds, geolocation databases, etc. They also provide tools that help visualize and query the threat landscape and promote quicker incident response times. AI-based anomaly detection algorithms are applied to catch unknown threats, which then undergo forensics analysis to determine their risk profile. Real-time alerts on intrusions and policy violations shorten times to remediation, sometimes even triggering auto-remediation workflows.
Industry News
Komodor announced the integration of the Komodor platform with Internal Developer Portals (IDPs), starting with built-in support for Backstage and Port.
Operant AI announced Woodpecker, an open-source, automated red teaming engine, that will make advanced security testing accessible to organizations of all sizes.
As part of Summer '25 Edition, Shopify is rolling out new tools and features designed specifically for developers.
Lenses.io announced the release of a suite of AI agents that can radically improve developer productivity.
Google unveiled a significant wave of advancements designed to supercharge how developers build and scale AI applications – from early-stage experimentation right through to large-scale deployment.
Red Hat announced Red Hat Advanced Developer Suite, a new addition to Red Hat OpenShift, the hybrid cloud application platform powered by Kubernetes, designed to improve developer productivity and application security with enhancements to speed the adoption of Red Hat AI technologies.
Perforce Software announced Perforce Intelligence, a blueprint to embed AI across its product lines and connect its AI with platforms and tools across the DevOps lifecycle.
CloudBees announced CloudBees Unify, a strategic leap forward in how enterprises manage software delivery at scale, shifting from offering standalone DevOps tools to delivering a comprehensive, modular solution for today’s most complex, hybrid software environments.
Azul and JetBrains announced a strategic technical collaboration to enhance the runtime performance and scalability of web and server-side Kotlin applications.
Docker, Inc.® announced Docker Hardened Images (DHI), a curated catalog of security-hardened, enterprise-grade container images designed to meet today’s toughest software supply chain challenges.
GitHub announced that GitHub Copilot now includes an asynchronous coding agent, embedded directly in GitHub and accessible from VS Code—creating a powerful Agentic DevOps loop across coding environments.
Red Hat announced its integration with the newly announced NVIDIA Enterprise AI Factory validated design, helping to power a new wave of agentic AI innovation.
JFrog announced the integration of its foundational DevSecOps tools with the NVIDIA Enterprise AI Factory validated design.
GitLab announced the launch of GitLab 18, including AI capabilities natively integrated into the platform and major new innovations across core DevOps, and security and compliance workflows that are available now, with further enhancements planned throughout the year.