ITOps Times: “ITOps Open-Source Project of the Week: Crio-O”
The Cloud Native Computing Foundation has announced the graduation of the CRI-O project, which offers a reliable and high-performing implementation of the Container Runtime Interface (CRI) for the Kubelet.
New Kubernetes security audit complete and open sourced
By Chris Aniszczyk (@cra) and Rey Lejano In 2018, the Cloud Native Computing Foundation (CNCF) started performing and open sourcing third-party security audits with the goal of improving the overall security practices of our ecosystem. Since…
CNCF fuzzing open source projects for security and reliability
By Chris Aniszczyk, Adam Korczynski, David Korczynski Introduction In this blog post we will present an overview of the state of fuzzing CNCF projects. We published a blog post on this in June 2022 titled Improving…
An overview of the CNCF and OSTIF impact report for the second half of 2022 and early 2023
By Chris Aniszczyk and Amir Montazery CNCF and Open Source Technology Improvement Fund (OSTIF) have been working together for the last several years to conduct security audits for CNCF’s Graduated and Incubating projects. As a result…
“A well-secured project”: Cilium security audits 2022 published
Project post by Liz Rice, Isovalent, for the Cilium project One of the benefits for CNCF projects is the funding of third-party security audits and testing. These help projects identify potential vulnerabilities in their code and…
2022 Kubernetes vulnerabilities – Main takeaways
Guest post originally published on ARMO’s blog by Ben Hirschberg All the main K8s vulnerabilities from 2022 consolidated into one article. Put together by Ben Hirschberg, CTO & co-founder of ARMO. During 2022, Kubernetes continued to cement itself…
Congratulations to the 27 Summer LFX Program CNCF interns!
After an exciting Spring term, 36 interns have graduated from the latest LFX mentorship program funded by CNCF! 15 of CNCF’s Graduated, Incubating, and Sandbox projects joined this round with projects including Chaos Mesh, Kubernetes, KubeEdge…
Improving CNCF security posture with independent security audits
When Policy meets Execution Community post by Amir Montazery, Managing Director, Open Source Technology Improvement Fund In this blog post, we present an overview of independent audits conducted at the end of 2021 and first half…
Improving Security by Fuzzing the CNCF landscape
By Chris Aniszczyk (CNCF), Adam Korczynski (Ada Logics), David Korczynski (Ada Logics) In this blog post we present an overview of the state of fuzzing across CNCF projects. This is based on efforts and work that…
KubeVirt becomes a CNCF incubating project
The CNCF Technical Oversight Committee (TOC) has voted to accept KubeVirt as a CNCF incubating project. KubeVirt enables users to run virtual machine workloads on top of Kubernetes in a Kubernetes-native way. It allows the migration…