Blog

Originally posted on Nirmata.com on October 1, 2025 How Kyverno extends and integrates with Kubernetes policies With the addition of ValidatingAdmissionPolicy and MutatingAdmissionPolicy in Kubernetes, do you still need Kyverno? This post answers the question by...

Understanding Multi-tenancy When we are building Internal Developer Platforms (IDP) for our customers Kubernetes is often a solid choice as the robust core of this platform. This is due to its technical capabilities and the strong...

This is the very first KyvernoCon! While Kyverno has been part of the CNCF since November 2020, and has had a strong presence at past KubeCon events through policy as code focused talks, maintainer sessions, and...

Kyverno 1.15 makes Kubernetes policy management more powerful, extensible, and user-friendly. We are thrilled to announce the release of Kyverno 1.15.0, continuing our mission to make policy management in Kubernetes environments more modular, performant, and user-friendly....

A practical approach to implementing CIS security controls using CNCF cloud native tools. Introduction: The Challenge of EKS Compliance at Scale  Maintaining CIS Benchmarks compliance for Amazon EKS across multiple clusters is a common challenge in...

This is post 2 out of 3 with an Introduction to Policy as Code preceding this. Kubernetes continues to grow, but it has already become the main component of cloud native architectures. Maintaining your cluster is...

Introduction to PaC While cloud platforms and cloud native environments grow in popularity and complexity, the security challenges around it grow in an even faster way. Managing tens, hundreds and even thousands of kubernetes clusters in...

Originally posted on Nirmata’s blog. Platform engineers, let’s talk about a fundamental shift that’s revolutionizing how we build and manage internal developer platforms: Policy as Code (PaC). This isn’t just another buzzword; it’s the key to...

Get to know Jana We’re thrilled to recognize Jana Vonšák from Slovakia as our first-ever female Golden Kubestronaut. A dedicated DevOps Security Engineer with a background in software development, Jana brings a rare blend of development...

Get to know Williem Willem Berroubache is a cloud native and Security Architect based in Paris, France, currently working at Orange. Over the years, he has worked on private cloud security use cases and telco cloud...

By Chris Aniszczyk (CNCF), Adam Korczynski (Ada Logics), David Korczynski (Ada Logics) CNCF maintains a high level of security for its projects by way of a series of initiatives such as security auditing, supply-chain assessments and...

Member post originally published on Fastly’s blog by Hannah Aubry About five years ago, Fastly had a problem with scale. No, not our network. Fastly’s network continues to scale effortlessly, including recently breezing past a 353...

Member post by Jatinder Singh Purba, Principal, Infosys; Krishnakumar V, Principal, Infosys; Prabhat Kumar, Senior Industry Principal, Infosys; and Shreshta Shyamsundar, Distinguished Technologist, Infosys Emerging Trends in the Cloud-native Ecosystem In the last quarter of 2024,...

Announcing a New CNCF certification for Kyverno Kyverno is an open-source policy engine designed for Kubernetes that allows teams to validate, mutate, and generate configurations, enabling the automation of security policies as code, beyond just audit...

Project post originally published on the Kyverno blog Kyverno 1.13 released with Sigstore bundle verification, exceptions for validatingAdmissionPolicies, new assertion trees, generate enhancments, enhanced ValidatingAdmissionPolicy and PolicyException support, and tons more! Wednesday, October 30, 2024 Kyverno...

Get to know Rishabh This week’s Kubestronaut in Orbit, Rishabh Sharma, our first Kubestonaut from Finland, is a senior software development engineer where he manages cloud native tech solutions for Capgemini Finland Oy. He is currently...

The CNCF Technical Oversight Committee (TOC) has voted to accept Artifact Hub as a CNCF incubating project.  Artifact Hub is a web-based application that enables finding, installing, and publishing cloud native packages and configurations. Discovering useful...

Member post originally published on Nirmata’s blog by Boris Kurktchiev Introduction As organizations increasingly turn to Kubernetes to deploy and manage containerized applications, they face unique challenges in efficiently allocating resources. The dynamic nature of Kubernetes...

Member post originally published on the Nirmata Blog by Jim Bugwadia The Don’t Repeat Yourself (DRY) principle of software development advocates avoiding repetition of code that is likely to change. Replacing similar code with reusable abstractions makes software...

Congratulations to CNCF’s 2024 Term 1 (March – May) LFX Program mentees who have finished the program successfully! Following a three-month program working with 28 different Graduated, Incubating, and Sandbox projects, including Antrea, Istio, KubeEdge, OpenTelemetry,...