Search results for: security audit


The 2-minute test for Kubernetes Pod security

Posted on September 6, 2022 | Jim Bugwadia

Project post originally published on DZone by Jim Bugwadia. Learn how to audit your clusters for compliance with the latest Kubernetes Pod Security Standards without installing anything in the cluster. In this post, I will show…


KubeEdge releases the first Cloud Native Edge Computing Threat Model and Security Protection Analysis paper

Posted on July 27, 2022

Project post by KubeEdge maintainers. The security of cloud native edge computing has been of concern to many users. It was difficult for users to perform effective security hardening on their edge systems due to no…


Improving Security by Fuzzing the CNCF landscape

Posted on June 28, 2022 | Chris Aniszczyk + Adam Korczynski + David Korczynski

By Chris Aniszczyk (CNCF), Adam Korczynski (Ada Logics), David Korczynski (Ada Logics). In this blog post we present an overview of the state of fuzzing across CNCF projects. This is based on efforts and work that…


Efficient GRC with cybersecurity tooling

Posted on June 27, 2022 | Iwan Price-Evans

Guest post originally published on the Snapt blog by Iwan Price-Evans. “Governance, risk, and compliance” (GRC) might be dirty words for many people working in application development and delivery. Strict rules and processes can be obstacles…


Know your cloud security acronyms: CWPP, CSPM, CIEM and CNAPP

Posted on June 13, 2022

Guest post originally published on the Orca Security blog by Ty Murphy and Sarah Smith. Acronyms help communicate lengthy phrases, but they can sometimes be confusing. This is especially true in the security industry, which has…


How to security harden Kubernetes in 2022

Posted on June 7, 2022 | Elastisys team

Guest post originally published on the Elastisys blog by the Elastisys team. The NSA/CISA guidelines summarized, with Elastisys hands-on advice and real-world recommendations. Kubernetes is now the most popular container orchestration platform. Practically gone are the Mesoses…


Introduction to the Cloud Native Security Controls Catalog

Posted on June 7, 2022

Community post by Jon Zeolla, CTO and Co-Founder of Seiso. The CNCF Security Technical Advisory Group (“Security TAG”) has provided a wealth of information to assist organizations in the planning and design of secure cloud native…


OSTIF’s audit of CRI-O is complete – high severity issues found and fixed

Posted on June 6, 2022 | OSTIF

Community post originally published on the OSTIF blog. Open Source Technology Improvement Fund is thrilled to report the results of a security audit of CRI-O. CRI-O is an open source software (OSS) project that is an implementation of the Kubernetes Container…


How to test application security

Posted on June 6, 2022 | Craig Risi

Guest post originally published on the Snapt blog by Craig Risi. We constantly read about leaks and security attacks that hit well-known applications. Businesses cannot take security for granted. With so much critical data in play,…


Kubernetes ephemeral container security

Posted on May 24, 2022 | Philip Laine

Guest post originally published on Xenit’s blog by Philip Laine, DevOps Engineer at Xenit. Attempting to debug a Pod and realizing that you can’t install curl due to security settings has to be a meme at…