HelpNetSecurity: "Kubernetes security matures: Inside the project’s first audit"
Auditing 1.5 million lines of code is a heroic undertaking. With resources provided by the Cloud Native Computing Foundation (CNCF), the Kubernetes Project leadership created the Security Audit Working Group to perform an audit in an…
OpenTelemetry Collector completes fuzzing audit
Cross-posted from the OpenTelemetry blog by Adam Korczynski OpenTelemetry is happy to announce the completion of the Collector’s fuzzing audit sponsored by the CNCF and carried out by Ada Logics. The audit marks a significant step in the OpenTelemetry…
Keycloak completes fuzzing audit
Community post by Adam Korczynski, ADA Logics The Keycloak project has completed its fuzzing audit. The audit was carried out by Ada Logics, a UK-based security firm with deep expertise in fuzz testing, and the audit…
Automate Kubernetes Security and Operations with Kyverno Certified Associate (KCA)
Announcing a New CNCF certification for Kyverno Kyverno is an open-source policy engine designed for Kubernetes that allows teams to validate, mutate, and generate configurations, enabling the automation of security policies as code, beyond just audit…
Why Falco’s new response engine is a game changer for open source cloud native security
Project post by the Falco Team and Nigel Douglas Falco achieved CNCF Graduation status on February 29, 2024. Following the celebration of this significant milestone at KubeCon EU in Paris earlier this year, the project has…
Software supply chain compliance and security policies with SignServer, EJBCA, and Chainloop
Member post originally published on the EJBCA by Keyfactor and Chainloop blogs by Ben Dewberry, Product Manager, Signing and Key Management, Keyfactor and Miguel Martinez Trivino, Co-founder, Chainloop A software supply chain is the series of steps…
How to ace the Kubernetes and Cloud Native Security Associate (KCSA) exam
Community post originally published on Medium by Giorgi Keratishvili Introduction Over the last five years, security has emerged as one of the most demanding skills in IT. When combined with the equally sought-after skill of containers,…
Cross-posted from the OSTIF blog OSTIF is proud to share the results of our security audit of LitmusChaos. LitmusChaos is an open source chaos engineering platform for a multitude of cloud platforms. With the help of 7ASecurity and the Cloud Native…
Kubernetes turns 10: triumphs, trials, and the ongoing battle for security
Member post by Nigel Douglas, Senior Developer Advocate at Sysdig Kubernetes will celebrate its 10th anniversary at the “KuberTENes Birthday Bash” this week. This milestone is a perfect time to commemorate the platform’s decade-long journey and…
The premier conference for cloud native security reunites the leading minds to share solutions to the most pressing challenges through innovative technologies SAN FRANCISCO, Calif. – May 8, 2024– The Cloud Native Computing Foundation® (CNCF®), which…