News

Last year, the Cloud Native Computing Foundation (CNCF) initiated a process of conducting third-party security audits for its own projects. The aim of these security audits was to improve the overall security of the CNCF ecosystem.

An open source group is expanding its third-party security audits to include the popular but vulnerable Kubernetes cluster orchestrator.

All programs need security audits, but the Cloud Native Computing Foundation (CNCF) took a new open-source approach and revealed all to its users.

With cloud companies open-sourcing their innovations, and enterprises increasing participation, open source sustainability is at an all-time high.

The Kubernetes ecosystem took a look in the security mirror and found it has some work to do in order to ensure a better security posture for the container orchestration platform. The move comes as a...

This week, the Cloud Native Computing Foundation (CNCF) has released the final results of a two-month-long, third-party security audit of eight core Kubernetes components, uncovering a variety of vulnerabilities.

An audit released today by the Cloud Native Computing Foundation has uncovered no fewer than 34 vulnerabilities in the code for Kubernetes, the highly popular open-source container orchestration system.

The CNCF engaged two security firms, Trail of Bits and Atredis Partners, to poke around Kubernetes code over the course of four months. The companies looked at Kubernetes components involved in networking, cryptography, authentication, authorization, secrets...

The Cloud Native Computing Foundation (CNCF) this week announced the results of its recent audit performed as part of its ongoing commitment to continuously improve Kubernetes security.

While Kubernetes is still not in production at most enterprises, Italy’s biggest bank shows the way forward.