CNCF On demand webinar: Securing Kubernetes runtime with KubeArmor
KubeArmor is an innovative security system designed to enhance the security of Kubernetes runtime environments. It enforces granular security policies, offers real-time threat detection, and provides a fine-grained, flexible security framework. KubeArmor’s container-aware approach, compatibility, and…
Kyverno expands beyond Kubernetes
Project post by Kyverno maintainers Kyverno, the open-source policy engine originally built for Kubernetes, is pleased to announce support for non-Kubernetes workloads, by supporting policies that operate on JSON payloads. Due to its simplicity and wide…
Secure application communications with Mutual TLS and Istio
Member post originally published on Isto’s blog by Lin Sun and Yuval Kohavi Dive into securing application communications, mTLS and Istio to achieve end-to-end mTLS among your applications. One of the biggest reasons users adopt service…
Securing attacks targeted at user or kernel level for customer X with KubeArmor & AWS Bottlerocket
Member post by AccuKnox Introduction: In the realm of cybersecurity, ensuring that virtualized or cloud-based infrastructures security is paramount. One crucial aspect is safeguarding applications where most of our crown-jewel sits and are susceptible to dynamic…
CNCF On demand webinar: Keys to building trusted software in cloud native pipelines
You’ve started to shift security left in order to catch security issues earlier in development, but are you using trusted, verified open source software components when writing your code? Are you signing your code commits and…
Keeping secrets secure on Kubernetes
Member post originally published on the CyberArk blog by John Walsh Handling secrets in cloud-native environments is a challenge for many organizations. Virtually any application requires some sort of secret, such as a database password, a…
Kubernetes governance & the top 5 best practices of K8s deployment
Member post originally published on the Fairwinds blog by Joe Pelletier The widespread adoption of containerized applications has fundamentally changed how organizations develop, deploy, and manage their software infrastructure. Kubernetes is fundamental to this change, because…
Introduction Harbor is a self-hosted cloud native registry that stores, scans, and signs content such as container images as well as OCI artifacts, including Helm charts. It extends the open source CNCF Distribution project and adds…
Guest post originally published on Weaveworks’ blog Overview Developed by Weaveworks in 2016, Flux CD is a GitOps continuous delivery tool used to streamline and automate application deployments. It started as a small, internal project; now it’s a CNCF-graduated…
Introducing the Wasm landscape (in English and Chinese)
By Chris Aniszczyk, Vivian Hu and Michael Yuan “Containers are the new normal, and WebAssembly is the future.” — CNCF Annual Survey 2022 key findings. Originally created as a secure sandbox to run compiled C/C++…