CEL-ebrating simplicity: mastering Kubernetes policy enforcement with CEL
Community post by Kevin Conner, Chief Engineer, Getup Cloud and co-author of Kubernetes in Action 2nd Edition As Kubernetes deployments grow in scale and complexity, policy enforcement becomes a critical aspect of maintaining secure and reliable…
In Hong Kong this summer, cloud native enthusiasts from across Asia and around the world will convene to move forward cloud native, open source, and AI technologies Hong Kong – June 12, 2024 – The Cloud…
Policy management in Kubernetes is changing
Ambassador post originally published on Medium by Emin Alemdar, CNCF Ambassador The Kubernetes API Server is one of the core components of the Kubernetes Control Plane. This component exposes the Kubernetes API and acts like a…
Automated security in GitOps pipelines with Weave Policy Engine
Member post originally published on the Weaveworks blog by Twain Taylor Discover the power of Weave Policy Engine for automated security in GitOps pipelines. Strengthen your Kubernetes applications’ security and compliance with policy-as-code enforcement. Learn more….
PodSecurityPolicy migration with Kyverno
Project post originally published on the Kyverno blog As you’ve probably heard, PodSecurityPolicy (PSP) in Kubernetes is no more. After a deprecation beginning in v1.21, they were finally removed in v1.25. Many organizations out there are still relying…
Base Image Finder, an open source tool for identifying base images
Member post originally published on the Fairwinds blog by Andy Suderman One challenge everyone working with containers has experienced is worrying about common vulnerabilities and exposures (CVEs) putting your apps and services at risk of attack….
OpenKruise v1.4 release: new job sidecar terminator capability
Guest post by OpenKruise maintainers OpenKruise (https://github.com/openkruise/kruise) is an open-source cloud-native application automation management suite. It is also a current incubating project hosted by the Cloud Native Computing Foundation (CNCF). It is a standard extension component…
Protect the pipe! Secure CI/CD pipelines with a policy-based approach using Tekton and Kyverno
Guest post originally published on the Nirmata blog by Jim Bugwadia of Nirmata and Shripad Nadgowda a Cloud Architect at Intel Rise of software supply chain attacks In the last few years there has been a…
Securing a Kubernetes pod with Regula and Open Policy Agent
Guest post originally published on Fugue’s blog by Becki Lee Fugue recently released Kubernetes support in Regula, our open source policy engine for checking infrastructure as code. Not only can Regula check your Terraform and CloudFormation files…