LFX Program’s CNCF mentees have successfully finished Term 3!
We are thrilled to congratulate 34 mentees who have successfully graduated from the LFX Program after working with various CNCF projects over the last three months! Mentees had the opportunity to work on many different projects across our…
Cloud Native Now: “Why Container Runtimes Still Matter”
Today, Kubernetes and associated projects are the focus of most attention in cloud development—and the word “containers” is almost forgotten except as an implementation detail. Nevertheless, the CRI-O container runtime project is growing and frequently implementing new features to improve…
Kubernetes 1.28: the security perspective
Guest post originally published on ARMO’s blog by Ben Hirschberg, CTO & Co-founder at ARMO With each release, Kubernetes introduces new features and enhancements to improve the user experience and address the evolving needs of its users. Today’s release is…
Added flexibility and better performance are driving new use cases for WebAssembly
While WebAssembly (Wasm) is still primarily used to develop web applications, its use is expanding far beyond its original use case as part of the open web platform, according to the State of WebAssembly 2023 report developed for…
Introducing the Wasm landscape (in English and Chinese)
By Chris Aniszczyk, Vivian Hu and Michael Yuan “Containers are the new normal, and WebAssembly is the future.” — CNCF Annual Survey 2022 key findings. Originally created as a secure sandbox to run compiled C/C++ code in…
ITOps Times: “ITOps Open-Source Project of the Week: Crio-O”
The Cloud Native Computing Foundation has announced the graduation of the CRI-O project, which offers a reliable and high-performing implementation of the Container Runtime Interface (CRI) for the Kubelet.
New Kubernetes security audit complete and open sourced
By Chris Aniszczyk (@cra) and Rey Lejano In 2018, the Cloud Native Computing Foundation (CNCF) started performing and open sourcing third-party security audits with the goal of improving the overall security practices of our ecosystem. Since then, Argo,…
CNCF fuzzing open source projects for security and reliability
By Chris Aniszczyk, Adam Korczynski, David Korczynski Introduction In this blog post we will present an overview of the state of fuzzing CNCF projects. We published a blog post on this in June 2022 titled Improving Security by…
An overview of the CNCF and OSTIF impact report for the second half of 2022 and early 2023
By Chris Aniszczyk and Amir Montazery CNCF and Open Source Technology Improvement Fund (OSTIF) have been working together for the last several years to conduct security audits for CNCF’s Graduated and Incubating projects. As a result of CNCF’s…
“A well-secured project”: Cilium security audits 2022 published
Project post by Liz Rice, Isovalent, for the Cilium project One of the benefits for CNCF projects is the funding of third-party security audits and testing. These help projects identify potential vulnerabilities in their code and process improvements…