Engineering teams building cloud software are always under pressure to deliver new features, fix bugs, and improve performance. To move quickly, engineers need access to computing resources: Kubernetes clusters, individual servers, databases, monitoring dashboards, and so on.
But, to a security professional, all of these resources represent an ever-growing attack surface area. Just think how many attack vectors exist in a production database: an attacker can get SSH access to a database machine via a compromised key, a Kubernetes API, a compromised web UI, or even via the database’s own remote protocol.
This leads to a conflict of interest between engineering and DevSecOps teams. In this article, we’ll look into the available technologies that can help reduce or even eliminate this tension, and help teams become more efficient & secure.