The CNCF Kubernetes Policy Working Group (WG) has just released the Shift Down Security paper to help educate the community about how organizations can leverage cloud native security best practices to address key business risks and increase developer productivity.

This paper aims to provide a clear understanding of how platform engineering teams can adopt cloud native technologies such as Policy as Code to prevent misconfigurations and automate security concerns across all applications. The paper provides practical guidance on which security concerns can be moved into the platform, and shows how this approach can improve security while providing self-service agility to developers. 

“Shift-down security is essential for cloud-native security. By embedding security directly into the Kubernetes platform, rather than adding it as an afterthought, we empower developers, operators, and security teams, strengthening the software supply chain, simplifying compliance, and building more resilient and secure cloud-native environments,” said Poonam Lamba, co-chair of the CNCF Kubernetes Policy Working Group and a Product Manager at Google Cloud.

“Kubernetes security is a shared responsibility, and ‘Shift-Down Security’ is a crucial strategy for platform teams to proactively address vulnerabilities and misconfigurations at the foundation. Enable developers, streamline security, and increase agility by building security into your cloud-native platform, not just on top of it,” said Glen Yu, contributor to the CNCF Kubernetes Policy Working Group and Sr. Manager of Cloud & Data at PwC Canada.

Kubernetes working groups are organized to address specific topics that span SIGs. The Kubernetes Policy WG is focused on policy implementations, architectures, and best practices for Kubernetes. 

If you are interested in advancing Kubernetes policy management, join an upcoming meeting or message the group on the Slack channel. The Kubernetes Policy Management paper is available on GitHub.