Security | k8s Guru

Gatekeeper 3.1: Policy as Code Goes Production

Gatekeeper reaches production readiness with improved performance, policy library, and migration tools for replacing PodSecurityPolicy.

#gatekeeper #opa #policy #production #podsecuritypolicy

K8s Guru

Sep 10, 2020

Bottlerocket 1.0: Secure OS for Kubernetes Nodes

AWS Bottlerocket 1.0 debuts a container-optimized operating system with transactional updates and API-driven configuration for Kubernetes nodes.

#bottlerocket #aws #kubernetes #node-os #security

K8s Guru

Aug 17, 2020

Read More 2 min

Kubernetes

Trivy: Comprehensive Container Image Vulnerability Scanning

Trivy provides fast, comprehensive vulnerability scanning for container images, enabling teams to identify and remediate security issues before deployment.

#trivy #vulnerability-scanning #security #containers #aqua-security

K8s Guru

Jun 15, 2020

Gatekeeper 3.1: Policy-as-Code in Production

Gatekeeper 3.1.0 adds mutation previews, constraint templates library, and audit scale improvements for Kubernetes policy enforcement.

#gatekeeper #opa #policy #mutation #kubernetes

K8s Guru

May 21, 2020

Read More 2 min

Security

Firecracker 1.0: MicroVMs Ready for Production

AWS graduates Firecracker to 1.0 with snapshot/restore, jailer hardening, and performance improvements for serverless and container platforms.

#firecracker #microvm #serverless #aws #release-1-0

K8s Guru

Nov 25, 2019

Read More 2 min

Security

Gatekeeper 1.0 Alpha: Policy Guardrails for Kubernetes

Gatekeeper 1.0 alpha pairs Open Policy Agent with Kubernetes admission controls, enabling declarative guardrails enforced by CRDs.

#gatekeeper #opa #policy #kubernetes #release-1-0-alpha

K8s Guru

Jul 17, 2019

Read More 2 min

Security

Firecracker: MicroVMs for Serverless and Secure Multi-Tenant Compute

AWS open sources Firecracker, the lightweight microVM technology behind Lambda and Fargate, designed for fast startup and strong isolation with minimal overhead.

#firecracker #microvm #serverless #virtualization #security #aws

K8s Guru

Nov 26, 2018

Network Policies in Production: Securing Pod-to-Pod Communication

Network Policies provide pod-level network segmentation in Kubernetes, enabling micro-segmentation and defense-in-depth security strategies.

#network-policy #security #networking #micro-segmentation #kubernetes

K8s Guru

Nov 15, 2018

Falco: Runtime Security Monitoring for Kubernetes

Falco provides runtime security monitoring for Kubernetes, detecting anomalous behavior and security threats in real-time through system call monitoring.

#falco #runtime-security #security #monitoring #cncf

K8s Guru

Jun 20, 2018

RBAC Goes GA: Role-Based Access Control in Kubernetes 1.8

Role-Based Access Control (RBAC) reaches General Availability in Kubernetes 1.8, providing fine-grained authorization for users and service accounts.

#rbac #security #authorization #kubernetes-1.8 #access-control

K8s Guru

Oct 5, 2017