Cloud Native Live: SLSA with Cosign and Kyverno to secure software delivery
Software supply chain attacks have increased 650% in 2021! The Supply chain Levels for Software Artifacts (SLSA, pronounced “salsa”) framework for security and integrity of software artifacts through a supply chain provides detailed guidelines on securing…
Cloud Native Live: Kyverno In Production
Learn how to improve the security posture of your Kubernetes cluster using Kyverno. Kyverno is a policy engine designed specifically for Kubernetes. Kyverno allows cluster administrators to manage environment-specific configurations independently of workload configurations and enforce…
Being a Linux Foundation’s CNCF mentee — My journey with Kyverno
Mentorship spotlight guest post originally published on Medium by Yashvardhan Kukreja Hi folks! Recently, I completed the LFX CNCF Mentorship Programme which is an Open source programme where I worked on a cool project which goes…
Auto-labeling Kubernetes resources with Kyverno
Guest post originally published on Nirmata’s blog by Anubhav Sharma, VP, Business Development & Customer Success at Nirmata Introduction As Kubernetes has become the foundational building block for enterprises to go cloud-native, the last couple of…
Guest post originally published on Nirmata’s blog by Jim Bugwadia, founder and CEO at Nirmata In their recent report Container Adoption in the Enterprise, Forrester found that 86% of IT leaders are prioritizing increasing container usage for…
The New Stack: “Kyverno, a New CNCF Sandbox Project, Offers Kubernetes-Native Policy Management”
Kyverno, the open source Kubernetes-native policy engine built by Nirmata, has joined the Cloud Native Computing Foundation (CNCF) this week at the sandbox level. The development team hopes the software will help adoption of Kubernetes policies, by providing a…
The mentorship flywheel: How CNCF is growing the next generation of cloud native leaders
A record year for mentorship, 187 graduates contributing to the ecosystem, and one engineer’s journey from “I didn’t know about Docker” to Kyverno maintainer. In 2025, the CNCF mentorship programs hit a milestone: 187 successful mentorship…
Building platforms using kro for composition
Recent industry developments, such as Amazon’s announcement of the new EKS capabilities, highlight a trend toward supporting platforms with managed GitOps, cloud resource operators, and composition tooling. In particular, the involvement of Kube Resource Orchestrator (kro)—a…
Top 5 hard-earned lessons from the experts on managing Kubernetes
Kubernetes has transformed how modern organizations deploy and operate scalable infrastructure, and the hype around automated cloud native orchestration has made its adoption nearly ubiquitous over the past 10+ years. Yet behind the scenes, most teams…
Lima becomes a CNCF incubating project
The CNCF Technical Oversight Committee (TOC) has voted to accept Lima as a CNCF incubating project. Lima enables secure, isolated environments for running cloud native and AI workloads. What is Lima? Where Does It Fit in…