Kubernetes runtime security with Falco and Sysdig
As DevOps teams ramp Kubernetes in production, their responsibilities expand beyond monitoring, capacity management and troubleshooting to include security and compliance. Teams are looking to merge these two functions into a single secure DevOps workflow. It’s time to…
The hidden economy of open source software
Member post originally published on Sysdig’s blog by Nigel Douglas The recent discovery of a backdoor in XZ Utils (CVE-2024-3094), a data compression utility used by a wide array of various open-source, Linux-based computer applications, underscores the importance of open-source…
Global leader in cybersecurity deepens investment in cloud native to drive innovation for end users SAN FRANCISCO, CA – April 10, 2024 – The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, today…
Green Reviews Working Group: Moving towards measuring the sustainability footprint of CNCF projects
Cross-post from the Cloud Native Sustainability blog by Antonio di Turi, Imma Valls, Kristina Devochko, Leonard Pahlke, Niki Manoledaki, Ross Fairbanks In this blog post, we will take a look at how the Green Reviews Working Group is…
CNCF Graduated projects have been busy! Here are the latest updates
We’re excited to announce a slew of graduated project updates. Read on for some, but not all, of the latest news from the project teams, or get the comprehensive details on the video (which will preview at KubeCon…
Member post originally published on SighUp’s blog by Simone Ragonesi and Sara Trappetti Introduction In this article, we will conduct an in-depth exploration of an impactful vulnerability affecting various container runtimes. A few days ago, the email inbox of Snyk’s partners…
Rethinking threat detection and response in cloud native ecosystems
Community post originally published on DZone by Nigel Douglas In highly dynamic cloud-native environments, the traditional Threat Detection and Response (TDR) approaches are increasingly showing their limitations. With its unique architecture and operational dynamics, Kubernetes demands re-evaluating how we handle security threats,…
Cloud Native Computing Foundation Announces the Graduation of CloudEvents
CloudEvents cultivates event metadata interoperability across services and systems SAN FRANCISCO, Calif. – January 25, 2024 – The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, today announced the graduation of CloudEvents. CloudEvents…
New year, new skills: kick off 2024 with CNCF
By Christophe Sauthier, Cloud Native Training and Certification Lead, CNCF A recent CNCF micro-survey focused on training and certification revealed that the vast majority of IT professionals are eager to take new training courses or certifications. Respondents noted…
OpenFeature becomes a CNCF incubating project
The CNCF Technical Oversight Committee (TOC) has voted to accept OpenFeature as a CNCF incubating project. OpenFeature is an open specification that offers a vendor-agnostic, community-driven API for feature flagging, compatible with various feature flag management tools. Feature…