Community post by David Korczynski and Adam Korczynski of Ada Logics Fuzzing is a central role in today’s software development practices for ensuring secure and reliable software. CNCF is committed to promoting the use of fuzzing…
Cloud Native Computing Foundation Announces Cilium Graduation
eBPF-powered tool has been adopted by well over 100 organizations SAN FRANCISCO, Calif. – October 11, 2023 – The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, today announced the graduation…
Switching To Cilium For Scalable and Cloud Native Networking Trip.com Group Limited, a multinational travel service conglomerate, serves customers in over 40 languages and 200 countries. Their operations are supported by a vast IT infrastructure, with…
Notary Project announces a major release!
Project post originally published on the Notary Project blog by the Notary Project Release Team The Notary Project maintainers are proud to announce a major release, including Notary Project specifications v1.0.0, notation v1.0.0, notation-go v1.0.0, and notation-core-go v1.0.0 which are ready…
Cloud Native Computing Foundation Announces Graduation of Kubernetes Autoscaler KEDA
The event-driven autoscaler is now used in production by more than 45 organizations, including FedEx, Grafana Labs, KPMG, Reddit, and Xbox SAN FRANCISCO, Calif. – August 22, 2023 – The Cloud Native Computing Foundation® (CNCF®), which…
Cloud Native Computing Foundation Announces Graduation of CRI-O
The Kubernetes Container Runtime provides users with a simple, clear, and performant container manager for cloud native workloads SAN FRANCISCO, Calif. – July 19, 2023 – The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems…
Building secure software supply chains in CNCF with SLSA assessments
To continue efforts to improve the security of our graduated and incubating projects, we recently worked with Chainguard to assess the software supply chain security practices of two of our graduated projects, Argo and Prometheus. These…
Project post originally published on the Flux blog by Daniel Holbach As the Flux family of projects and its communities are growing, we strive to inform you each month about what has already landed, new possibilities…
An overview of the CNCF and OSTIF impact report for the second half of 2022 and early 2023
By Chris Aniszczyk and Amir Montazery CNCF and Open Source Technology Improvement Fund (OSTIF) have been working together for the last several years to conduct security audits for CNCF’s Graduated and Incubating projects. As a result…
KubeEdge! CNCF’s First SLSA 3 Project
Community post by KubeEdge SIG-Security (Reprinted from the KubeEdge blog) In July 2022, the KubeEdge community completed a third-party security audit of KubeEdge[2] and released a paper on cloud native edge computing security threat analysis and…