Securing Kubernetes cluster using Kubescape and kube-bench
Guest post originally published on InfraCloud’s blog by Amar Chand With businesses adopting cloud native technology, Kubernetes has emerged as a primary tool of choice for container orchestration. Deploying and managing applications has never been easier….
What can Confidential Computing do for the Kubernetes community?
Guest post originally published on the Edgeless Systems blog by Fabian Kammel, Senior Security Engineer This is a summary of the talk I gave at the Kubernetes Community Days (KCD) Berlin 2022. Both, the slides and a recording…
Project post by KubeEdge maintainers The security of cloud native edge computing has been of concern to many users. It was difficult for users to perform effective security hardening on their edge systems due to no…
2022 Argo external security audit: Lessons learned
Project post cross-posted from the Argo Blog by Michael Crenshaw In early 2022, the Argo team and CNCF began work with Ada Logics to perform a security audit on the four Argo projects. Ada Logics discovered…
TOC votes to advance Keptn to the CNCF Incubator
The CNCF Technical Oversight Committee (TOC) has voted to accept Keptn as a CNCF incubating project. Keptn is an event-driven orchestration engine that connects observability with operations in cloud native applications. The project uses a declarative…
Local Env as Code: Is it possible yet
Guest post by Jan Van Bruggen, Developer Relations Lead at itopia In the past decade, we’ve seen the rise, standardization and meme-ification of “as code”: Infrastructure as Code, Monitoring as Code, Policy as Code and soon…
Project post originally published on the Flux blog by Daniel Holbach As the Flux family of projects and its communities are growing, we strive to inform you each month about what has already landed, new possibilities…
This is a summary of the Kubernetes project’s contributor community and activities. This report documents both quantitative measures of community health (project milestones and snapshot) as well as qualitative measures of the community as reported by…
Announcing the Secure Software Factory Reference Architecture Paper
Community post by Alexander Floyd Marshall from TAG Security Almost a year ago the CNCF published its “Software Supply Chain Best Practices” guide, detailing over 50 ways to improve cloud-native software supply chains. That guide referenced…
Cloud Native Maturity Model 2.0
Community post by Danielle Cook, Simon Forster for the Cartographos Working Group KubeCon 2021 in North America saw the launch of the Cloud Native Maturity Model, a model launched by the Cartografos Working Group to help…