Project post by Volcano project maintainers CNCF Volcano 1.6.0 is now available with new features such as elastic job management, dynamic scheduling and rescheduling based on actual resource utilization, and MPI job plugin. Volcano is the first cloud…
Know your cloud security acronyms: CWPP, CSPM, CIEM and CNAPP
Guest post originally published on the Orca Security blog by Ty Murphy and Sarah Smith Acronyms help communicate lengthy phrases, but they can sometimes be confusing. This is especially true in the security industry, which has an alphabet…
How to security harden Kubernetes in 2022
Guest post originally published on the Elastisys blog by the Elastisys team The NSA/CISA guidelines summarized, with Elastisys hands-on advice and real-world recommendations. Kubernetes is now the most popular container orchestration platform. Practically gone are the Mesoses and Docker…
Local Env as Code: Is it possible yet
Guest post by Jan Van Bruggen, Developer Relations Lead at itopia In the past decade, we’ve seen the rise, standardization and meme-ification of “as code”: Infrastructure as Code, Monitoring as Code, Policy as Code and soon perhaps Data…
Kubernetes ephemeral container security
Guest post originally published on Xenit’s blog by Philip Laine, DevOps Engineer at Xenit Attempting to debug a Pod and realizing that you can’t install curl due to security settings has to be a meme at this point….
Announcing the Refreshed Cloud Native Security Whitepaper
The CNCF Security Technical Advisory Group (TAG) has just released a refreshed Cloud Native Security Whitepaper v2 to help educate the community about best practices for securing cloud native deployments. The whitepaper intends to provide organizations and their…
Adopting FinOps tool for pod-level Kubernetes cost management
Guest post by Asaf Liveanu, Co-Founder & CPO at Finout Cost optimization is a growing concern for organizations rapidly moving towards open-source and cloud-native projects based on Kubernetes. While flexibility remains one of the key strengths of Kubernetes,…
How do you integrate Emissary Ingress with OPA
Guest post originally published on InfraCloud’s blog by Tayyab Jamadar API gateways play a vital role while exposing microservices. They are an additional hop in the network that the incoming request must go through in order to communicate…
How to secure deployments in Kubernetes?
Guest post originally published on ARMO’s blog by Leonid Sandler CTO & Co-founder at Armo Security is crucial for containerized applications that run on a shared infrastructure. With more and more organizations moving their container workloads to Kubernetes, K8s…
The grype admission controller
Guest post originally published on the BoxBoat blog by Josh Knarr Intro Today I want to write about the grype admission controller. I wrote it. I am proud of it. I think it solves a really uncomfortable problem in…