Security Boulevard: "CNCF-led open source Kubernetes security audit reveals 37 flaws in Kubernetes cluster; recommendations proposed"
Security Boulevard: "CNCF-led open source Kubernetes security audit reveals 37 flaws in Kubernetes cluster; recommendations proposed"
Last year, the Cloud Native Computing Foundation (CNCF) initiated a process of conducting third-party security audits for its own projects. The aim of these security audits was to improve the overall security of the CNCF ecosystem.
August 9, 2019

EnterpriseAI: "Kubernetes gets a security audit"
EnterpriseAI: "Kubernetes gets a security audit"
An open source group is expanding its third-party security audits to include the popular but vulnerable Kubernetes cluster orchestrator.
August 9, 2019

ZDNet: "Kubernetes reports the results of its open-source security audit"
ZDNet: "Kubernetes reports the results of its open-source security audit"
All programs need security audits, but the Cloud Native Computing Foundation (CNCF) took a new open-source approach and revealed all to its users.
August 8, 2019

InfoWorld: "Open source has never been stronger"
InfoWorld: "Open source has never been stronger"
With cloud companies open-sourcing their innovations, and enterprises increasing participation, open source sustainability is at an all-time high.
August 8, 2019

2019 CNCF cloud native survey call to participate
2019 CNCF cloud native survey call to participate
It’s time for the CNCF Cloud Native Survey! The goal of this survey, which will be issued in advance of KubeCon + CloudNativeCon North America (November 18-21, 2019), is to understand the state of Kubernetes, container, and serverless...
August 8, 2019 | Kim McMahon

SDxCentral: "Kubernetes looks inside and finds security holes"
SDxCentral: "Kubernetes looks inside and finds security holes"
The Kubernetes ecosystem took a look in the security mirror and found it has some work to do in order to ensure a better security posture for the container orchestration platform. The move comes as a...
August 7, 2019

The New Stack: "CNCF open sources security audit of core Kubernetes components"
The New Stack: "CNCF open sources security audit of core Kubernetes components"
This week, the Cloud Native Computing Foundation (CNCF) has released the final results of a two-month-long, third-party security audit of eight core Kubernetes components, uncovering a variety of vulnerabilities.
August 6, 2019

Open sourcing the Kubernetes security audit
Open sourcing the Kubernetes security audit
Last year, the Cloud Native Computing Foundation (CNCF) began the process of performing and open sourcing third-party security audits for its projects in order to improve the overall security of our ecosystem. The idea was to...
August 6, 2019 | Chris Aniszczyk

SiliconANGLE: "Security audit reveals 34 vulnerabilities in Kubernetes code"
SiliconANGLE: "Security audit reveals 34 vulnerabilities in Kubernetes code"
An audit released today by the Cloud Native Computing Foundation has uncovered no fewer than 34 vulnerabilities in the code for Kubernetes, the highly popular open-source container orchestration system.
August 6, 2019

The Register: "Captain, we've detected a disturbance in space-time. It's coming from Earth. Someone audited the Kubernetes source"
The Register: "Captain, we've detected a disturbance in space-time. It's coming from Earth. Someone audited the Kubernetes source"
The CNCF engaged two security firms, Trail of Bits and Atredis Partners, to poke around Kubernetes code over the course of four months. The companies looked at Kubernetes components involved in networking, cryptography, authentication, authorization, secrets...
August 6, 2019