KubeEdge! CNCF’s First SLSA 3 Project
Community post by KubeEdge SIG-Security (Reprinted from the KubeEdge blog) In July 2022, the KubeEdge community completed a third-party security audit of KubeEdge[2] and released a paper on cloud native edge computing security threat analysis and…
How Flux and Pulumi give each other superpowers
Project post originally published on the Flux blog by Michael Bridgen Pulumi is an “Infrastructure as Code” tool that lets you specify your infrastructure as programs written in JavaScript, Python, Java, Go, .NET languages, or YAML. The Pulumi…
“A well-secured project”: Cilium security audits 2022 published
Project post by Liz Rice, Isovalent, for the Cilium project One of the benefits for CNCF projects is the funding of third-party security audits and testing. These help projects identify potential vulnerabilities in their code and…
How to implement FinOps and increase your Kubernetes cost avoidance
Guest post originally published on Fairwinds’s blog by John Hashem Many organizations recently started using Kubernetes in production and are just beginning to see what the Kubernetes and cloud costs really look like. It is not…
Guest post originally published on Flux’ blog by Daniel Holbach As the Flux family of projects and its communities are growing, we strive to inform you each month about what has already landed, new possibilities which…
Istio publishes results of 2022 security audit
Project post originally published on the Istio blog by Craig Box Security review of Istio finds a CVE in Go standard library Istio is a project that platform engineers trust to enforce security policy in their…
CloudNativeSecurityCon 2023: 3 key areas to watch
If the past couple of years taught us anything, it’s the importance of security in cloud native and open source environments. The fallout of vulnerabilities like Log4j even reached the U.S. Federal Government with the Executive…
Congratulations to 24 CNCF fall term LFX Program mentees!
We are excited to announce that 24 CNCF interns have successfully completed this term’s LFX Program! 24 of CNCF’s Graduated, Incubating, and Sandbox projects joined this round with projects including Meshery, WasmEdge, Kyverno, and Vitess. Additional…
Project post originally published on the Flux blog by Daniel Holbach As the Flux family of projects and its communities are growing, we strive to inform you each month about what has already landed, new possibilities…
Insiel is the in-house ICT company of Italy’s Friuli-Venezia Giulia Region that designs, implements and manages IT services in collaboration with the territory for the public offices of the Region, Municipalities, Companies, Health Services, Hospitals, local…