Combatting sophisticated cybersecurity threats with AI
As AI continues to evolve, businesses are rapidly integrating it into their operations. But with this growth comes an urgent need to prioritise cybersecurity because ignoring security risks in an AI-driven landscape can leave businesses vulnerable…
How to manage three top Kubernetes security vulnerabilities
This article explains: Kubernetes and security Across various organizations, Kubernetes is being adopted at lightning rates. It is estimated that 60% of organizations have adopted this technology, and the list of companies planning on transitioning to…
Notary Project completes its second audit!
Community post cross-posted on the OSTIF blog by Helen Woeste, Communications Manager, the Open Source Technology Improvement Fund OSTIF is proud to share the results of our second security audit of Notary Project. Notary Project is…
OpenTelemetry Collector completes fuzzing audit
Cross-posted from the OpenTelemetry blog by Adam Korczynski OpenTelemetry is happy to announce the completion of the Collector’s fuzzing audit sponsored by the CNCF and carried out by Ada Logics. The audit marks a significant step in the OpenTelemetry…
Keycloak completes fuzzing audit
Community post by Adam Korczynski, ADA Logics The Keycloak project has completed its fuzzing audit. The audit was carried out by Ada Logics, a UK-based security firm with deep expertise in fuzz testing, and the audit…
Automate Kubernetes Security and Operations with Kyverno Certified Associate (KCA)
Announcing a New CNCF certification for Kyverno Kyverno is an open-source policy engine designed for Kubernetes that allows teams to validate, mutate, and generate configurations, enabling the automation of security policies as code, beyond just audit…
Why Falco’s new response engine is a game changer for open source cloud native security
Project post by the Falco Team and Nigel Douglas Falco achieved CNCF Graduation status on February 29, 2024. Following the celebration of this significant milestone at KubeCon EU in Paris earlier this year, the project has…
Software supply chain compliance and security policies with SignServer, EJBCA, and Chainloop
Member post originally published on the EJBCA by Keyfactor and Chainloop blogs by Ben Dewberry, Product Manager, Signing and Key Management, Keyfactor and Miguel Martinez Trivino, Co-founder, Chainloop A software supply chain is the series of steps…
How to ace the Kubernetes and Cloud Native Security Associate (KCSA) exam
Community post originally published on Medium by Giorgi Keratishvili Introduction Over the last five years, security has emerged as one of the most demanding skills in IT. When combined with the equally sought-after skill of containers,…
Cross-posted from the OSTIF blog OSTIF is proud to share the results of our security audit of LitmusChaos. LitmusChaos is an open source chaos engineering platform for a multitude of cloud platforms. With the help of 7ASecurity and the Cloud Native…