Container Security stories

Attackers are hijacking live web sessions by stealthily tampering with NGINX configs, silently relaying traffic via rogue servers.

RapidFort secures USD $42m Series A to scale automated software supply chain security and continuous vulnerability remediation.

Veracode upgrades its Package Firewall and testing tools to block malicious software packages before they enter development pipelines.

Practical DevSecOps unveils a hands-on Certified Security Champion course to embed security advocates inside software development teams.

Delinea is set to acquire StrongDM, uniting privileged access and runtime authorisation to secure AI agents and non-human identities at scale.

Rapid7 partners with ARMO to embed cloud runtime detection into its Command Platform, unifying exposure management and live threat response.

CSPM tools will vanish as a separate market by 2026, Tenable says, as CISOs pivot spend to machine identity risk and permissions sprawl.

Chainguard unveils EmeritOSS to keep mature but unmaintained open source projects secure, patched and reliable without adding new features.

Tracebit launches a free community canary platform, bringing high-signal breach detection to developers, security hobbyists and small teams.

Practical DevSecOps is offering a Black Friday sale with 15% off all certifications and up to $500 off bundles for hands-on security training.

By 2026, AI will power fully automated cyber attacks, escalating the scale and speed of online threats, warns Trend Micro's latest forecast.

Minimus unveils Image Creator, enabling enterprises to build secure, custom container images with enhanced compliance and reduced vulnerabilities.

Zero Networks launches enhanced Kubernetes microsegmentation tools offering security teams greater control and visibility without needing specialist DevOps skills.

Practical DevSecOps has certified over 1,000 professionals in its rigorous AI security programme, addressing critical skills gaps in defending against evolving AI threats.

Droplet's NeverTrust security solution certified on HPE ProLiant to shield UK firms from costly breaches by isolating applications beyond identity-based controls.

Practical DevSecOps has formed an Advisory Board with Erika Voss and Cecil Su to tackle the global shortage of up-to-date cybersecurity skills through strategic training.

A critical Redis flaw called RediShell risks 330,000 cloud systems globally, urging urgent patching of all exposed and unauthenticated instances.

Azul has launched the TAP program to boost innovation and collaboration within the Java ecosystem, offering partners technical support and access to broader markets.

Checkmarx has been named a leader in the IDC MarketScape ASPM 2025 report for its AI-driven, developer-focused application security platform.

Rapid7 is named a Leader in IDC's 2025 report for its Exposure Command platform, unifying attack surface visibility with AI-powered risk prioritisation and remediation.