The New Stack: "Open Policy Agent’s mission to secure the cloud"
If cloud computing and software development are to continue to thrive, more cooperation is needed to ensure our shared systems are secure. To do that, we need to agree to implement industry standards in vital areas. The Open…
Top four Kubernetes attack chains and how to break them
Member post originally published on ARMO’s blog by Oshrat Nir, Developer Advocate at ARMO While Kubernetes adoption continues to soar, it has become a prime target for cyberattacks. Unfortunately, Kubernetes clusters are complex and can be difficult to secure….
Secure your Kubernetes environment with OPA and Gatekeeper
Guest post originally published on SighUP’s blog by Simone Ragonesi We will introduce you to the powerful combination of Open Policy Agent (OPA) and Gatekeeper for Kubernetes security. In this article, we will introduce you to the powerful combination…
The five laws of cloud native authorization
Guest post originally published on Aserto’s blog by Omri Gazitt Overview In a microservices world, each service needs to verify that a subject (user or machine) has permission to perform an operation on a resource that the service…
Congratulations to 24 CNCF fall term LFX Program mentees!
We are excited to announce that 24 CNCF interns have successfully completed this term’s LFX Program! 24 of CNCF’s Graduated, Incubating, and Sandbox projects joined this round with projects including Meshery, WasmEdge, Kyverno, and Vitess. Additional details on…
Kubernetes governance explained
Guest post originally published on the Coredge blog Introduction According to IDC (IDC: Expect 175 zettabytes of data worldwide by 2025 ), it is projected that by 2025 our global data volume will reach 175 zetabytes. As the data…
How to secure Kubernetes Pods post-PSPs deprecation
Guest post originally published on the ARMO blog by Amir Kaushansky Kubernetes pods are the basic building blocks of Kubernetes. It’s managing one or more tightly coupled application containers allowing them to share resources and networks. Pods are hosted on…
Real-time dynamic authorization – an introduction to OPAL
An introduction to OPAL – an open-source administration layer for Open Policy Agent (OPA) that allows you to easily keep your authorization layer up-to-date in real-time Guest post originally published on the Permit.io blog by Daniel Bass TL;DR OPAL is an open-source administration…
How do you integrate Emissary Ingress with OPA
Guest post originally published on InfraCloud’s blog by Tayyab Jamadar API gateways play a vital role while exposing microservices. They are an additional hop in the network that the incoming request must go through in order to communicate…
How to get robust GitOps? The U.S. Department of Defense uses Flux and Helm
Project post cross-posted from the Weaveworks blog by Tamao Nakahara, Head of Developer Experience, Weaveworks and Flux community manager Challenge The DoD knew that it needed GitOps. Nicolas M. Chaillan, Chief Software Officer of the U.S. Air Force…