Building secure software supply chains in CNCF with SLSA assessments
To continue efforts to improve the security of our graduated and incubating projects, we recently worked with Chainguard to assess the software supply chain security practices of two of our graduated projects, Argo and Prometheus. These…
CNCF fuzzing open source projects for security and reliability
By Chris Aniszczyk, Adam Korczynski, David Korczynski Introduction In this blog post we will present an overview of the state of fuzzing CNCF projects. We published a blog post on this in June 2022 titled Improving…
Announcing the Kyverno 1.10 Pre-Release
Project post also on the Nirmata blog by the Kyverno maintainers Kyverno is a policy engine built for Kubernetes that helps secure and automate Kubernetes configurations. In Kubernetes policies are configurations that govern the configuration and…
Project post originally published on the Flux blog by Daniel Holbach As the Flux family of projects and its communities are growing, we strive to inform you each month about what has already landed, new possibilities…
Volcano Engine: distributed image acceleration practice based on Dragonfly
Project post by Gaius, Dragonfly Maintainer Terms and definitions Term Definition OCI The Open Container Initiative is a Linux Foundation project launched by Docker in June 2015 to design open standards for operating system-level virtualization (and…
Announcing a white paper on Platforms for Cloud Native Computing
Community post by Josh Gavant and Abby Bangser, CNCF’s Platforms WG CNCF’s Platforms working group (WG) is pleased to announce the first release of a whitepaper to provide guidance and clarity on the nature and benefits…
KubeVela: the road to cloud native application and platform engineering
Guest post by Da Yin, engineer at Alibaba Cloud and maintainer of KubeVela Background Dating back to year 2019, Kubernetes is gradually being widely adopted as the de facto standard for deploying and managing infrastructures. More…
The Notary project completes fuzzing security audit
Community post also published on the Notary blog by Adam Korczynski, David Korczynski, and Feynman Zhou Reviewed by Pritesh Bandi, Samir Kakkar, Shiwei Zhang, Toddy Mladenov, Vani Rao, Yi Zha The Notary Project is happy to…
Threat modeling to cloud native: we need a new approach
Guest post by Rodrigo Rocha In the past few years, many companies have moved to the cloud. It’s a movement that offers many benefits for businesses, but these benefits come with increased risk and vulnerabilities. Before…
Project post originally published on the Flux blog by Daniel Holbach As the Flux family of projects and its communities are growing, we strive to inform you each month about what has already landed, new possibilities…