If you thought that falling victim to ransomware, or a hacker hijacking your workstation was a nightmare, consider the potential catastrophe of having your Kubernetes (k8s) cluster hijacked. It could be a disaster magnified a million times over.
SBOM (Software Bill of Materials) is an accepted best practice to map the components and dependencies of your applications in order to better understand your applications’ risks. SBOMs are used as a basis for vulnerability assessment, licensing compliance, and more. There are plenty of available tools, such as Aqua …
One of Trivy’s core features is Trivy Kubernetes for in-cluster security scans of running workloads. This tutorial will showcase how to generate CIS and NSA reports both through the Trivy CLI and the Trivy Operator.Additionally, we will look at how users can add the Kubernetes Specification for their own Compliance …
Kubernetes Version 1.26 was released with 37 new enhancements including 11 Stable, 10 Beta, 16 Alpha, and 12 features deprecated or removed. In this blog, we will highlight its most notable features and show how using Trivy will help you find deprecated Kubernetes resources.
Trivy, the all-in-one open source security scanner, can scan your Kubernetes cluster as well as its running workloads for security issues. Trivy also has a native Kubernetes Operator for complete Kubernetes security posture management. These capabilities were covered in detail in our previous blog post Vulnerability …
Kubernetes Version 1.25 was released with 40 new enhancements including 13 Stable, 10 Beta, 15 Alpha, and 2 Deprecated. Join us as we present some of the notable features in this release, apply security with the Pod Security Admission (PSA), validate whether your cluster is using containerd, and give an overview of …
The newly released Kubernetes 1.8 is the third release this year, and shows great progress and maturity of the Kubernetes project. I’m happy that the community continues to make progress in several security-related areas that have been under development or in beta for a while, and are now officially released.
2016 was a big year for the virtual container space, and 2017 looks even more promising. The industry saw tremendous growth and continues to evolve at a rapid pace. Containers, being still relatively new, present new challenges in security -- but this year has seen much progress in addressing those challenges.
This is a blog post that Amir and I published on Kubernetes.io.
Kubernetes provides many controls that can greatly improve your application security. Configuring them requires intimate knowledge with Kubernetes and the deployment’s security requirements. The best practices we highlight here are aligned to the …