Identifying Kubernetes Config Security Threats: Pods Running as Root
Guest post by Joe Pelletier, VP of Strategy at Fairwinds With different teams – development, security and operations – and prioritization of speedy delivery over perfect configuration, mistakes are inevitable. As teams work on building and…
Kubernetes audit: making log auditing a viable practice again
Originally published on Alcide Blog by Nitzan Niv In the security world, one of the most established methods to identify that a system was compromised, abused or mis-configured is to collect logs of all the activity…
The CNCF engaged two security firms, Trail of Bits and Atredis Partners, to poke around Kubernetes code over the course of four months. The companies looked at Kubernetes components involved in networking, cryptography, authentication, authorization, secrets…
TOC approves CNCF SIGs and creates security and storage SIGs
Earlier this year, the Technical Oversight Committee (TOC) voted to create CNCF Special Interest Groups (SIGs). CNCF SIGs are currently being bootstrapped in various focus areas and primarily led by recognized experts and supported by contributors. They…
Kubernetes in highly restrictive environments: meeting the needs of enterprise governance & security
Installing Kubernetes is easy. Ensuring it complies with your organization’s enterprise governance and security requirements isn’t. Oleg will outline a plan to use the technology while meeting enterprise security requirements. In this technically-focused talk, he’ll summarize…
9 Kubernetes security best practices everyone must follow
By Connor Gilbert, product manager at StackRox Last month, the Kubernetes ecosystem was shaken by the discovery of the first major security flaw in Kubernetes, the world’s most popular container orchestrator. The vulnerability – CVE-2018-1002105 –…
CNCF to host two security projects – Notary and TUF specification
Riyaz Faizullabhoy, Docker Security Engineer, today announced on stage at Open Source Summit Europe, that the Cloud Native Computing Foundation (CNCF) Technical Oversight Committee (TOC) has voted Notary in as our 13th hosted project and TUF…
Karmada v1.15 Released! Enhanced Resource Awareness for Multi-Template Workloads
Karmada is an open multi-cloud and multi-cluster container orchestration engine designed to help users deploy and operate business applications in a multi-cloud environment. With its compatibility with the native Kubernetes API, Karmada can smoothly migrate single-cluster…
Dragonfly v2.3.0 has been released
Dragonfly v2.3.0 is released! 🎉🎉🎉 Thanks to the contributors who made this release happen. We welcome you to visit d7y.io website to learn more. Features Persistent Cache Task It designs to provide persistent caching for tasks. This tool can import…
Protecting NATS and the integrity of open source: CNCF’s commitment to the community
Updated May 1, 2025: CNCF and Synadia have come to an agreement to ensure that NATS continues to thrive as a healthy open source project within CNCF, with Synadia’s continued support and involvement. Please see our…