Last year, the Cloud Native Computing Foundation (CNCF) initiated a process of conducting third-party security audits for its own projects. The aim of these security audits was to improve the overall security of the CNCF ecosystem.
EnterpriseAI: "Kubernetes gets a security audit"
An open source group is expanding its third-party security audits to include the popular but vulnerable Kubernetes cluster orchestrator.
ZDNet: "Kubernetes reports the results of its open-source security audit"
All programs need security audits, but the Cloud Native Computing Foundation (CNCF) took a new open-source approach and revealed all to its users.
The New Stack: "CNCF open sources security audit of core Kubernetes components"
This week, the Cloud Native Computing Foundation (CNCF) has released the final results of a two-month-long, third-party security audit of eight core Kubernetes components, uncovering a variety of vulnerabilities.
Open sourcing the Kubernetes security audit
Last year, the Cloud Native Computing Foundation (CNCF) began the process of performing and open sourcing third-party security audits for its projects in order to improve the overall security of our ecosystem. The idea was to…
SiliconANGLE: "Security audit reveals 34 vulnerabilities in Kubernetes code"
An audit released today by the Cloud Native Computing Foundation has uncovered no fewer than 34 vulnerabilities in the code for Kubernetes, the highly popular open-source container orchestration system.
Container Journal: "CNCF completes Kubernetes cybersecurity audit"
The Cloud Native Computing Foundation (CNCF) this week announced the results of its recent audit performed as part of its ongoing commitment to continuously improve Kubernetes security.
eWeek: "Envoy CNCF project completes security audit, delivers new release"
The Cloud Native Computing Foundation (CNCF) has begun a process of performing third-party security audits for its projects, with the first completed audit coming from the Envoy proxy project. The Envoy proxy project was created by…
Auditing user activity in pods and nodes with the Security-Profiles-Operator
Kubernetes’ native audit logs are essential for tracking control plane activities, but they fail to capture what happens inside a container or on the host node itself during kubectl debugging sessions. This creates a security and…
Continued security improvements to CNCF projects with OSTIF audits
The Open Source Technology Improvement Fund, Inc (OSTIF) is thrilled to mark another successful year of helping CNCF projects with security audits. Since this partnership began in 2021, a total of 13 projects have graduated following…