Search results for: artifact hub


Building secure software supply chains in CNCF with SLSA assessments

Posted on April 19, 2023

To continue efforts to improve the security of our graduated and incubating projects, we recently worked with Chainguard to assess the software supply chain security practices of two of our graduated projects, Argo and Prometheus. These…


CNCF fuzzing open source projects for security and reliability

Posted on April 18, 2023

By Chris Aniszczyk, Adam Korczynski, David Korczynski Introduction In this blog post we will present an overview of the state of fuzzing CNCF projects. We published a blog post on this in June 2022 titled Improving…


Announcing the Kyverno 1.10 Pre-Release

Posted on April 18, 2023

Project post also on the Nirmata blog by the Kyverno maintainers Kyverno is a policy engine built for Kubernetes that helps secure and automate Kubernetes configurations. In Kubernetes policies are configurations that govern the configuration and…


Flux: March 2023 Update

Posted on April 14, 2023

Project post originally published on the Flux blog by Daniel Holbach As the Flux family of projects and its communities are growing, we strive to inform you each month about what has already landed, new possibilities…


Volcano Engine: distributed image acceleration practice based on Dragonfly

Posted on April 13, 2023

Project post by Gaius, Dragonfly Maintainer Terms and definitions Term Definition OCI The Open Container Initiative is a Linux Foundation project launched by Docker in June 2015 to design open standards for operating system-level virtualization (and…


Announcing a white paper on Platforms for Cloud Native Computing

Posted on April 11, 2023 | Josh Gavant + Abby Bangser

Community post by Josh Gavant and Abby Bangser, CNCF’s Platforms WG CNCF’s Platforms working group (WG) is pleased to announce the first release of a whitepaper to provide guidance and clarity on the nature and benefits…


KubeVela: the road to cloud native application and platform engineering

Posted on March 31, 2023

Guest post by Da Yin, engineer at Alibaba Cloud and maintainer of KubeVela Background Dating back to year 2019, Kubernetes is gradually being widely adopted as the de facto standard for deploying and managing infrastructures. More…


The Notary project completes fuzzing security audit

Posted on March 21, 2023

Community post also published on the Notary blog by Adam Korczynski, David Korczynski, and Feynman Zhou Reviewed by Pritesh Bandi, Samir Kakkar, Shiwei Zhang, Toddy Mladenov, Vani Rao, Yi Zha The Notary Project is happy to…


Threat modeling to cloud native: we need a new approach

Posted on March 16, 2023

Guest post by Rodrigo Rocha In the past few years, many companies have moved to the cloud. It’s a movement that offers many benefits for businesses, but these benefits come with increased risk and vulnerabilities. Before…


Flux February 2023 update

Posted on March 6, 2023 | Daniel Holbach

Project post originally published on the Flux blog by Daniel Holbach As the Flux family of projects and its communities are growing, we strive to inform you each month about what has already landed, new possibilities…