In this newsletter, we take a closer look at toil and explore how policy-as-code can be used to reduce toil in organizations.

The cloud-native space and development have redefined how organizations do business; they bring to the table

Zero Trust Architecture and Zero Trust Networks have been in the news a lot lately. The US Federal government has been pushing hard on agencies to adopt zero-trust cybersecurity architectures.

In our SaC (Security-as-code) podcast, we talk to industry experts and leaders in cloud security about the

CIS Benchmarks, a set of cybersecurity best practices, is now a standard at Magalix. We’ve mapped CIS Benchmark controls to Magalix Policies so that you can sort, filter, and group by this standard. 

Earlier this year, Magalix fully integrated with GitHub Actions. With this integration, teams were alerted with any security and compliance violations at run-time but DevOps engineers still had to invest time and resources to fix the issues.

At Magalix, we understand the complexities and the challenges of securing the Kubernetes stack and the cloud-native ecosystem. And as such, we are happy to announce the release of MITRE ATT&CK for Enterprise Policy Pack, along with the associated reporting.

The ephemeral nature of the cloud-native world has significantly raised the stakes for cybersecurity. How can companies build cyber resilient software and infrastructure in the face of evolving cyber threats?  How can business leaders capture the full benefits of cloud - speed and agility - in a way that is secure, scalable, and sustainable? 

Understanding the complexity of the PCI DSS compliance first hand, we are proud to announce the general availability of PCI-DSS support within our extensive Magalix Policy Library. We have partnered with FinTech organizations, PCI-auditors, and our own collective experiences within the space to provide a one-to-one mapping of Policies to PCI requirements, covering all 12 PCI-DSS controls.

With GitHub Actions, teams can now automate, customize, and execute their software development workflows in their own repository. Allowing for any customization, teams have the flexibility to create and share any jobs, such as CI/CD. And now, Magalix is now fully integrated with GitHub Actions.

At Magalix, we’ve decided to help teams and organizations tighten the security of their applications and containers through The Cloud-Native Application Policy Pack. 

We have exciting news to share with you this week. Magalix Enterprise is now an Oracle Cloud Infrastructure (OCI) technology partner. As an OCI partner, Magalix fully supports Oracle Kubernetes Engine (OKE), enabling users to secure their OKE infrastructure with Magalix security-as-code platform. 

We introduce to you the SaC: Security-as-Code. SaC is all about codifying and automating security into DevOps workflows. In the most basic of definitions, SaC is about enabling companies to innovate confidently and securely. 

Security-as-code (SaC) is an effective and relatively new practice to many engineers. We understand that practitioners want to know how they keep their agility while securing their infrastructure and applications with SaC. And as such, we have shifted gears and our focus to SaC. Our product, website, and blog are now focused on the value companies can reap with SaC, shifting security left, codifying security policies, and more.

Our focus is on Kubernetes security and how you can protect your cloud-native infrastructure by Shifting-Left. We have several blogs that tackle the security challenges in the cloud-native sphere and how baking security measure can help secure your infrastructure. 

The financial world is changing. Small banks are becoming big banks, cryptocurrencies are the cool kids on the block, passing cash back and forth is becoming antiquated. In this last Superbowl,  not a single vendor was allowed to accept cash!  

In this issue, our focus is on Kubernetes security and how you can protect your cloud-native infrastructure by Shifting-Left.  We have several blogs that tackle the security challenges in the cloud-native sphere and how baking security measure can help secure your infrastructure. 

We invite you to attend our upcoming live webinar and learn from Magalix experts the 3 key elements to successfully shifting security left; Open, Integrated, and Visible.

Magalix held a great, interactive webinar yesterday highlighting the 5 key takeaways of policy-as-code sessions that took place in KubeCon NA 2020.  Missed it? You can watch the replay anytime. 

KubeCon North America 2020 is in less than 2 weeks. We'll be there to talk governance, policy management, and much more. Come meet us and get a free consultation!

On November 4th, come get all of your Governance 101 questions answered by our CTO, Ahmed Badran. He will cover What Kubernetes Governance is and why it is important

Next week: if capacity planning for memory and CPU usage in your pods is giving you and your team a major headache, come to our third webinar in the Capacity Management Webinar series (register below).

Join our live webinar tomorrow to learn how to optimize your infrastructure resources (CPU, memory, and node pool in Kubernetes) with focus on cost saving. 

One week from today, come learn how to optimize your cloud infrastructure resources (CPU, memory, and node pool in Kubernetes) with a focus on cost savings. 

Speaking of webinars, on September 24th we'll be covering Kubernetes Optimization and most importantly, we'll show you step by step how we saved 40% on our monthly cloud bill.

If you're getting this, chances are you came to our blog to learn about CI/CD on Kubernetes, or downloaded one of our eBooks on key subject matter areas of Kubernetes like capacity management or application patterns.

Learn the basics of capacity management live, this upcoming Monday, August 10th, with Magalix.

Capacity management, or in other words, defining your CPU and Mem limits and requests specifically for how your apps and processes use them on Kubernetes to manage the tradeoff between cost, performance, and resource use, is a constant challenge for teams who are migrating to or are already in production with K8s.

This week, we bring you two new heavy-hitting articles. If you're trying to understand the best practices of using Kafka on Kubernetes, or trying to help your team get their heads around Ingress best practices, have we got the article for you.

One week from today, come learn how to optimize your cloud infrastructure resources (CPU, memory, and node pool in Kubernetes) with a focus on cost savings. 

Earlier this week we paired with WeaveWorks to bring the cloud-native community a deep-dive on capacity management basics. Check out the stream here, and download the eBook below.

Today we're happy to announce that you can now get the full benefits of OPA in Magalix without the complexities of OPA setup, deployment, and integration.

Mark your calendars - June 30th, 2020 we'll be hosting a joint webinar with Weaveworks, to cover cloud-native capacity management and security best practices. Our CTO, Ahmed Badran

Mark your calendars - June 30th, 2020 we'll be hosting a joint webinar with WeaveWorks, to cover cloud-native capacity management and security best practices.

Security-as-code (SaC) is an effective and relatively new practice to many engineers. We understand that practitioners want to know how they keep their agility while securing their infrastructure and applications with SaC. And as such, we have shifted gears and our focus to SaC. Our product, website, and blog are now focused on the value companies can reap with SaC, shifting security left, codifying security policies, and more.

Today we're happy to announce that you can now get the full benefits of OPA in Magalix without the complexities of OPA setup, deployment, and integration.