14 Essential Kubernetes & Cloud Security Resources for the DevOps Community


Continuous deployment requires a continuous learning mindset. With this in mind, we’ve put together a list of 14 of our favorite blogs, and useful resources for all those in the realms of DevOps, DevSecOps and Cloud Security.

Twitter: @kubernetesio

Well, yes, expect to find all things Kubernetes here. The site provides Kubernetes documentation and user case studies, as well as integration tutorials, and articles addressing Kubernetes community governance, such as “The Future of Cloud Providers in Kubernetes,” from the leaders of the Cloud Provider SIG. This blog brings together the expertise from people working at companies like Google, VMWare, Red Hat, and the Linux Foundation, as well as independent contributors. A new article is posted, on average, every couple of weeks!

Post frequency: Every few days

Google Cloud blog and podcast
Twitter: @googlecloud

Like all the big vendor blogs, you’ll find a mix of product announcements, tech how-to’s using its tools (like “8 production-ready features you’ll find in Cloud Run fully managed”) and think pieces. It also has great analytical articles regarding its own or other organizations’ research, such as sharing the insights from its Research and Strategy team on DORA’s 2019 Accelerate State of DevOps Report.

The weekly podcast has a rotating collection of hosts conducting interviews with experts from within Google and other tech firms.

Post frequency: Often, several times a day

AWS blog– Jeff Barr
Twitter: @awscloud and @jeffbarr

Jeff Barr isn’t the only author on the AWS blog, but he is AWS’s chief evangelist and the blog’s most prolific author. Barr goes in-depth on AWS features and explores cutting edge technologies like quantum computing. It has a well-developed category list, which makes it easy to find content on topics like DevOps, development, and containers, without the list being too atomized. If you haven’t done so yet, we urge you to subscribe to his blog and to follow Jeff on Twitter.

Post frequency: Often, several times a day

Microsoft Azure
Twitter: @Azure

Anyone working with Microsoft’s Azure will benefit from its official blog. You’ll find more than just new tools and partnership announcements. It has wide-ranging content that addresses everything from big think pieces about the “promise of IoT” to detailed how-to’s like “Enabling Diagnostic Logging in Azure API for FHIR®” to business posts on managing cloud budgets.

Post frequency: Several times a day

IBM Cloud
Twitter: @IBMcloud

The IBM blog is another vendor blog that’s a must-read for anyone working on IBM platforms or with its tools. The topic range covers everything you’d expect: technical tutorials, product announcements, business and compliance guidance across an exhaustive list of categories including cloud, hybrid cloud, DevOps, and more. It posts a combination of articles, videos, and podcast content, so whatever your learning style, this has you covered.

Post frequency: Every few days

Docker blog
Twitter: @docker

As if this blog really needs a formal introduction, but here we go. This primary source blog focuses on updates, how-to’s, and best practices regarding Docker container integration with a host of other tools and technologies.

Post frequency: Often, several times a day

F5 Blog
Twitter: @F5networks

This company blog centers on app development and security, and multi-cloud management. It publishes thought pieces like “Shifting Security in DevOps Means Shifting Mindsets” to structural series like “Secure Cloud Architecture: Avoiding Technical Debt”.

Post frequency: Often, several times a day

DZone (for DevOps)
Twitter: @DZoneInc

This information portal, dedicated to supporting DevOps teams and managers, has over one million members. Articles run the gamut from addressing job satisfaction to thorough case studies on what other DevOps teams are doing. New material is published so often, it’s worth a daily check-in to see if a new article is up.

Post frequency: Often, several times a day

DevOps SubReddit
No Twitter account

This subreddit has 124,000 members and is fairly active. If you want some curation and discussion for your DevOps reading, this subreddit is your spot. The subreddit’s rules bar simply posting links, but require posters to add their thoughts. It provides a nice mix of expertise and peer analysis of the latest on Kubernetes, CI/CD practices and tool reviews.

CloudTech News
Twitter: @cloud_comp_news

A comprehensive online journal that covers the latest business and technical news in cloud computing. It publishes numerous articles daily from a variety of industry experts, including many working at companies like Microsoft, VMware, and Oracle.

Post frequency: Nearly every day

eSecurity Planet
Twitter: @eSecurityP

Focused on security, this blog provides trend analysis in the areas of cloud security, compliance, and applications, just to name a few. The overview posts of new tools, trends, and best practices are exhaustive on their own, and often include links to more in-depth content.

Post frequency: Once every few weeks

CSO on Cloud Security
Twitter: @CSOonline

The CSO brand draws together some of cyber security’s greatest experts in one place. It excels at delivering what c-suite and analysts think with its diverse selection of reviews, feature articles, and opinions, such as “How a decentralized cloud model may increase security, privacy” by Michelle Drolet, founder and CEO of cyber security firm, Towerwall.

Post frequency: Nearly every day

DevOps.com – news on strategies, insights, best practices, case studies and events
Twitter: @devopsdotcom

The site is a major repository of all things DevOps. It tends to publish every couple of days, but often publishes more than one article at a time. The scope of DevOps content is so broad (site categories include DevSecOps, AI, toolbox, and continuous testing, among others) that you can still visit every day and not get through all content. The site also posts upcoming webinars and events on its front page. Definitely a must-read!

Post frequency: Often, several times a day

DevOps Cube
Twitter: @devopscube

More than a blog, this site is home to a community of DevOps professionals. It has four main categories: CI/CD, Cloud, Containers, and Monitoring. The how-to’s and tutorials address all levels of expertise, so both beginners and experts can find content that speaks to them. The blog has an active forum where DevOps folks can connect with each other directly.

Post frequency: Infrequently

Of course, you don’t want to miss the Portshift blog, where we take a deep dive into securing Kubernetes microservices from development to runtime and what this involves. Microsegmentation and zero trust, what K8s Does and Doesn’t do for Security and Istio service expansion are just three of the latest topics covered.

New posts are published weekly, so make sure to add us to your rotation.

While this is by no means an exhaustive list, these blogs are our favorites. Have we missed any “must reads”? Do let us know!


Notify of

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Inline Feedbacks
View all comments
Would love your thoughts, please comment.x