Cloud Native Computing Foundation announces Prometheus graduation
Widely-adopted open source monitoring and alerting tool used by cloud native leaders like DigitalOcean, Red Hat, SUSE, and Weaveworks SAN FRANCISCO, Calif., August 9, 2018 – The Cloud Native Computing Foundation® (CNCF®), which sustains open source…
GitOps in 2025: From Old-School Updates to the Modern Way
1. Introduction: Why Everyone’s Talking About GitOps in 2025 It’s 2025, and building software is more cloud-driven than ever. Cloud computing offers incredible speed and flexibility, but it also brings complexity. Companies are expected to ship…
Announcing Kyverno Release 1.14!
TL;DR We are excited to announce the release of Kyverno 1.14.0, marking a significant milestone in our journey to make policy management in Kubernetes more modular, streamlined, and powerful. This release introduces two new policy types…
10 Years in Cloud Native: TOC Restructures Technical Groups
The CNCF Technical Oversight Committee (TOC) is the technical governing body responsible for maintaining the technical vision of the CNCF. At the time the CNCF was founded in 2015 and as of 2016, there were four…
Announcing OpenReports: Standardized Kubernetes Reporting
The Kubernetes ecosystem, while powerful, is a sprawling landscape of tools. As organizations scale their deployments, ensuring compliance and security becomes paramount. But how do you effectively track and report on your Kubernetes policies and scanners…
Announcing the Automated Governance Maturity Model
We are entering an era where Governance is increasingly important; with AI systems generating code and becoming a critical part of application’s runtime infrastructure, we can produce outputs at an increasingly rapid pace. Organizations and individuals…
These Kubernetes mistakes will make you an easy target for hackers
Kubernetes is exceedingly powerful for orchestrating containerized applications at scale. But without proper monitoring and observability—especially in self-managed infrastructure—it can quickly become a security disaster waiting to happen. This is not due to inherent flaws in…
Open Policy Agent: Best Practices for a Secure Deployment
Thanks to its performance and adaptability, Open Policy Agent (OPA) is a common choice for managing policy-as-code. Nonetheless, security flaws can develop if OPA is abused or improperly designed, much as with any tool handling important…
Scaling Platform Building: Balancing What is Unique to Your Org and Common Across Teams
In today’s fast-paced tech landscape, platform engineering has become a strategic priority for organisations seeking to streamline development, enhance operational efficiency, and maintain a competitive edge. Building an internal platform that serves your organisation’s unique needs…
Building Scalable, Agile, and Secure APIs with Kubernetes and Microservices
The dawn of APIs across the digital ecosystem has fundamentally disrupted standard business models and software development. And enhancing these approaches with intelligent, data-driven, and real-time insights allows your organization to dynamically scale. However traditional monolithic…