Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

2023 Kubernetes vulnerabilities roundup

Transparency in vulnerability disclosure plays a crucial role in effective risk management, regardless of software development models. The Common Vulnerabilities and Exposures (CVE) database serves as a valuable resource, offering insights into known weaknesses even when fixes are unavailable. This empowers organizations to make informed decisions about prioritizing mitigation strategies and protecting their systems.

Vulnerability prioritization in Kubernetes: unpacking the complexity

In the rapidly evolving world of container orchestration, developers have come to rely on Kubernetes to manage containerized applications. However, as Kubernetes adoption increases among organizations, ensuring the security of Kubernetes environments becomes essential. One particularly significant aspect to consider is vulnerability prioritization. It’s essential to understand that chasing after the highest CVSS scoring vulnerabilities might not always align with real-world threats.

Under the hood of CVE patching

Addressing Common Vulnerabilities and Exposures, known as CVE patching, is a practice of applying updates to software (patching) to address security vulnerabilities. CVE patching is your shield against the threat of malicious actors exploiting such weaknesses and is of crucial importance for every organization’s cybersecurity. This post will cover the basics of CVE patching: the roles and stakeholders, the step-by-step process, and common mistakes to avoid.

Kubernetes 1.29: The Security Perspective

Kubernetes 1.29 will be the last release from the Kubernetes team for 2023. The new release has 49 enhancements, with a multitude of beta and stable ones in addition to a high number of bug fixes. As Kubernetes security professionals, we explored the release to find the most notable security-centric features and improvements. This blog is tailored for those with a keen eye for security, aiming to break down how these changes will impact and enhance the security posture of Kubernetes clusters.

The Complete Guide to Kubernetes RBAC

Kubernetes has revolutionized container orchestration, becoming the go-to platform for managing containerized workloads at scale. However, with its growing popularity, the complexity of managing role-based access control (RBAC) on Day 2 and especially in a multi-cluster environment has become a daunting task. DevOps, SRE, and Platform teams are responsible for multiple clusters and different teams.

Rise of cloud agnosticism: challenges and myths

In the evolving landscape of technology, cloud agnosticism has seen increasing traction. This refers to the ability to design and deploy applications seamlessly on any cloud platform, whether that be AWS, GCP, Azure, or others. Cloud agnosticism is essentially a design principle that advocates for flexibility, portability, and interoperability, allowing organizations to use multiple cloud providers without being tied to the services or infrastructure of any single one.

Is your software supply chain secure?

As you begin developing your application to get services in front of your customers, you will notice a lot of processes and contributors are involved—from development to production. All of these processes and people are part of the “software supply chain.” It goes without saying that your software supply chain plays a crucial role in ensuring your business’s success.

GitOps - Enhancing security and ensuring compliance in Kubernetes deployments

GitOps can be a powerful means of achieving continuous compliance in Kubernetes deployments. It provides transparency for any changes made to your infrastructure, along with the ability to trace and audit these changes. In this article, we will discuss how GitOps can enhance security and ensure compliance in Kubernetes deployments. We will also discuss potential security threats that GitOps could introduce into a Kubernetes infrastructure.

Top four Kubernetes Attack Chains and how to break them

While Kubernetes adoption continues to soar, it has become a prime target for cyberattacks. Unfortunately, Kubernetes clusters are complex and can be difficult to secure. Safeguarding your Kubernetes environment requires a solid understanding of the common attack chains that pose a threat to your infrastructure. In this blog post, we dig into the top attack chains that target Kubernetes, shedding light on the risks and offering valuable insights to bolster your defenses.