Announcing the Cloud Native Security White Paper
The CNCF Security Special Interest Group (SIG) has just released a new Cloud Native Security Whitepaper to help educate the community about best practices for securing cloud native deployments. The whitepaper intends to provide organizations and…
Many people know that Kubernetes can report API activity to logging back ends and that auditing is a powerful security tool, but what happens in the real world when you have: Multiple API servers, Mutating Admission…
Common Kubernetes config security threats
Guest post originally published on the Fairwinds blog by Joe Pelletier, VP of strategy at Fairwinds. Securing workloads in Kubernetes is an important part of overall cluster security. The overall goal should be to ensure that…
Identifying Kubernetes Config Security Threats: Pods Running as Root
Guest post by Joe Pelletier, VP of Strategy at Fairwinds. With different teams – development, security and operations – and prioritization of speedy delivery over perfect configuration, mistakes are inevitable. As teams work on building and…
Kubernetes audit: making log auditing a viable practice again
Originally published on Alcide Blog by Nitzan Niv. In the security world, one of the most established methods to identify that a system was compromised, abused or mis-configured is to collect logs of all the activity…
The CNCF engaged two security firms, Trail of Bits and Atredis Partners, to poke around Kubernetes code over the course of four months. The companies looked at Kubernetes components involved in networking, cryptography, authentication, authorization, secrets…
TOC approves CNCF SIGs and creates security and storage SIGs
Earlier this year, the Technical Oversight Committee (TOC) voted to create CNCF Special Interest Groups (SIGs). CNCF SIGs are currently being bootstrapped in various focus areas and primarily led by recognized experts and supported by contributors. They…
Kubernetes in highly restrictive environments: meeting the needs of enterprise governance & security
Installing Kubernetes is easy. Ensuring it complies with your organization’s enterprise governance and security requirements isn’t. Oleg will outline a plan to use the technology while meeting enterprise security requirements. In this technically-focused talk, he’ll summarize…
9 Kubernetes security best practices everyone must follow
By Connor Gilbert, product manager at StackRox. Last month, the Kubernetes ecosystem was shaken by the discovery of the first major security flaw in Kubernetes, the world’s most popular container orchestrator. The vulnerability – CVE-2018-1002105 –…
CNCF to host two security projects – Notary and TUF specification
Riyaz Faizullabhoy, Docker Security Engineer, today announced on stage at Open Source Summit Europe that the Cloud Native Computing Foundation (CNCF) Technical Oversight Committee (TOC) has voted Notary in as our 13th hosted project and TUF…