Announcing OpenReports: Standardized Kubernetes Reporting
The Kubernetes ecosystem, while powerful, is a sprawling landscape of tools. As organizations scale their deployments, ensuring compliance and security becomes paramount. But how do you effectively track and report on your Kubernetes policies and scanners…
Announcing the Automated Governance Maturity Model
We are entering an era where Governance is increasingly important; with AI systems generating code and becoming a critical part of application’s runtime infrastructure, we can produce outputs at an increasingly rapid pace. Organizations and individuals…
These Kubernetes mistakes will make you an easy target for hackers
Kubernetes is exceedingly powerful for orchestrating containerized applications at scale. But without proper monitoring and observability—especially in self-managed infrastructure—it can quickly become a security disaster waiting to happen. This is not due to inherent flaws in…
Open Policy Agent: Best Practices for a Secure Deployment
Thanks to its performance and adaptability, Open Policy Agent (OPA) is a common choice for managing policy-as-code. Nonetheless, security flaws can develop if OPA is abused or improperly designed, much as with any tool handling important…
Scaling Platform Building: Balancing What is Unique to Your Org and Common Across Teams
In today’s fast-paced tech landscape, platform engineering has become a strategic priority for organisations seeking to streamline development, enhance operational efficiency, and maintain a competitive edge. Building an internal platform that serves your organisation’s unique needs…
Building Scalable, Agile, and Secure APIs with Kubernetes and Microservices
The dawn of APIs across the digital ecosystem has fundamentally disrupted standard business models and software development. And enhancing these approaches with intelligent, data-driven, and real-time insights allows your organization to dynamically scale. However traditional monolithic…
Automating NIS2 Compliance in Kubernetes with Kyverno: A Practical Guide
2025 is the year when NIS2 measures will start to bite. Is your platform team ready for the challenge? This post gives a brief overview of NIS2 in the context of platform engineering. Then it gives…
Falcoctl: Artifact Management for Falco
Artifact management is the process of storing, organising, and securing the essential components generated throughout software development. Cloudsmith defines artifacts as the tangible outputs of the development lifecycle, including compiled source code, libraries, executables, and configuration…
Why Infrastructure as Code Needs to be Secure by Default
Infrastructure as Code (IaC) has become the standard for managing cloud infrastructure, but it introduces significant challenges, particularly around security and compliance. Issues such as misconfigurations, secret management, policy enforcement, and auditing can complicate workflows. These…
The rapid growth of AI applications across industries has led to significant changes, particularly with the adoption of deep learning and generative AI, which provide a competitive advantage in industries such as drug discovery in pharmaceutical…