Cloud Native Computing Foundation announces Prometheus graduation
Widely-adopted open source monitoring and alerting tool used by cloud native leaders like DigitalOcean, Red Hat, SUSE, and Weaveworks SAN FRANCISCO, Calif., August 9, 2018 – The Cloud Native Computing Foundation® (CNCF®), which sustains open source…
10 Years in Cloud Native: TOC Restructures Technical Groups
The CNCF Technical Oversight Committee (TOC) is the technical governing body responsible for maintaining the technical vision of the CNCF. At the time the CNCF was founded in 2015 and as of 2016, there were four…
Announcing OpenReports: Standardized Kubernetes Reporting
The Kubernetes ecosystem, while powerful, is a sprawling landscape of tools. As organizations scale their deployments, ensuring compliance and security becomes paramount. But how do you effectively track and report on your Kubernetes policies and scanners…
Announcing the Automated Governance Maturity Model
We are entering an era where Governance is increasingly important; with AI systems generating code and becoming a critical part of application’s runtime infrastructure, we can produce outputs at an increasingly rapid pace. Organizations and individuals…
These Kubernetes mistakes will make you an easy target for hackers
Kubernetes is exceedingly powerful for orchestrating containerized applications at scale. But without proper monitoring and observability—especially in self-managed infrastructure—it can quickly become a security disaster waiting to happen. This is not due to inherent flaws in…
Open Policy Agent: Best Practices for a Secure Deployment
Thanks to its performance and adaptability, Open Policy Agent (OPA) is a common choice for managing policy-as-code. Nonetheless, security flaws can develop if OPA is abused or improperly designed, much as with any tool handling important…
Scaling Platform Building: Balancing What is Unique to Your Org and Common Across Teams
In today’s fast-paced tech landscape, platform engineering has become a strategic priority for organisations seeking to streamline development, enhance operational efficiency, and maintain a competitive edge. Building an internal platform that serves your organisation’s unique needs…
Building Scalable, Agile, and Secure APIs with Kubernetes and Microservices
The dawn of APIs across the digital ecosystem has fundamentally disrupted standard business models and software development. And enhancing these approaches with intelligent, data-driven, and real-time insights allows your organization to dynamically scale. However traditional monolithic…
Automating NIS2 Compliance in Kubernetes with Kyverno: A Practical Guide
2025 is the year when NIS2 measures will start to bite. Is your platform team ready for the challenge? This post gives a brief overview of NIS2 in the context of platform engineering. Then it gives…
Falcoctl: Artifact Management for Falco
Artifact management is the process of storing, organising, and securing the essential components generated throughout software development. Cloudsmith defines artifacts as the tangible outputs of the development lifecycle, including compiled source code, libraries, executables, and configuration…