Policy management in Kubernetes is changing
Ambassador post originally published on Medium by Emin Alemdar, CNCF Ambassador The Kubernetes API Server is one of the core components of the Kubernetes Control Plane. This component exposes the Kubernetes API and acts like a front end…
Automated security in GitOps pipelines with Weave Policy Engine
Member post originally published on the Weaveworks blog by Twain Taylor Discover the power of Weave Policy Engine for automated security in GitOps pipelines. Strengthen your Kubernetes applications’ security and compliance with policy-as-code enforcement. Learn more. Enterprises stepping…
PodSecurityPolicy migration with Kyverno
Project post originally published on the Kyverno blog As you’ve probably heard, PodSecurityPolicy (PSP) in Kubernetes is no more. After a deprecation beginning in v1.21, they were finally removed in v1.25. Many organizations out there are still relying on PSPs…
Base Image Finder, an open source tool for identifying base images
Member post originally published on the Fairwinds blog by Andy Suderman One challenge everyone working with containers has experienced is worrying about common vulnerabilities and exposures (CVEs) putting your apps and services at risk of attack. The obvious…
OpenKruise v1.4 release: new job sidecar terminator capability
Guest post by OpenKruise maintainers OpenKruise (https://github.com/openkruise/kruise) is an open-source cloud-native application automation management suite. It is also a current incubating project hosted by the Cloud Native Computing Foundation (CNCF). It is a standard extension component based on…
Protect the pipe! Secure CI/CD pipelines with a policy-based approach using Tekton and Kyverno
Guest post originally published on the Nirmata blog by Jim Bugwadia of Nirmata and Shripad Nadgowda a Cloud Architect at Intel Rise of software supply chain attacks In the last few years there has been a sharp rise…
Securing a Kubernetes pod with Regula and Open Policy Agent
Guest post originally published on Fugue’s blog by Becki Lee Fugue recently released Kubernetes support in Regula, our open source policy engine for checking infrastructure as code. Not only can Regula check your Terraform and CloudFormation files for security…
LFX Spring 2022 Mentorships are open – Apply for CNCF projects by February 13th!
By Ihor Dvoretskyi, Senior Developer Advocate, CNCF For the fourth year in a row, CNCF will be participating in LFX with a record-breaking 42 project ideas available to mentees. LFX is a platform that enables organizations to offer…
Welcome to Pluto, the place to start with open source development
Guest post originally published on Fairwind’s blog by Robert Brennan, Fairwinds Hello from Pluto, the little planet with big open source value. Once considered a full-size sphere in the cosmos, Pluto was downgraded to a dwarf planet in…
Kubescape: The first open source tool for running NSA and CISA Kubernetes hardening tests
Example test output from kubescape