Also: RSVP now for the top DevSecOp events happening in October.
View in browser
CLEAN Hubspot Template

Kubernetes-Native Policy & Governance Software

The State of Kubernetes Security


September 2022

The Guide to Kubernetes Policy Management 


Increasing (and potentially costly) security concerns have led organizations, including the NSA, to address how to harden Kubernetes clusters. This guide details how to automate Kubernetes policy management to mitigate threats & attacks from build to run.

VIDEO


CNCF: Protecting Software Supply Chains


While standards like SLSA can help secure build environments, how should Kubernetes admins verify the integrity of container images in production?

KUBERNETES IO


Subscribe to Kubernetes security alerts


Join the kubernetes-security-announce group to receive emails about security announcements, advisories, and major API announcements.

RESEARCH


What exposed OPA servers can tell you about your applications


TrendMicro, Aug 2022

After identifying 389 exposed OPA servers via Shodan, TrendMicro reveals how exposed OPAs can negatively impact your applications’ overall security.

ARTICLE


Examining Pod Security Admission


NeonMirrors, Jun 2022


Learn about Pod Security Admission (PSA), a new admission controller called released with Kubernetes v1.22 to replace Pod Security Policies (PSP) using formal controls called the Pod Security Standards (PSS).

HOW-TO


Can you pass the 2-minute Kubernetes Pod Security test?


Nirmata, Sep 2022


A key threat to container security is user & process privileges inside the container. Pod Security Standards, native to Kubernetes, defines three policies to cover the whole security spectrum. Quickly audit your clusters for compliance in this short, how-to tutorial.

 


Nirmata Policy Engine eliminates security issues & misconfigurations


Built by the creators of Kyverno, Nirmata's cloud-native policy engine automates & simplifies the creation, deployment, and lifecycle management of policy-based intelligent guardrails for Kubernetes.

Start your free trial →

Upcoming Events


Join the Kubernetes & DevSecOps community at one of the following in-person and/or online events.

DevOps Webinar: Top Kubernetes Security Concerns & How to Address Them


Online | Oct 5, 2022 @ 1pm ET | 10am PT

Most organizations are worried about K8s security but may lack the skills, time & resources to address them. Join us as we share best practices and technologies that overcome common security challenges – including misconfigs, Pod security & more.

Top KubeCon Sessions for DevSecOps


Detroit | Oct 24-27, 2022


These sessions answer how to manage & implement policies to make your Kubernetes environments more secure and easy to manage without compromising developer agility.


View sessions »

DevOpsDays: Houston


Houston | Oct 4-5, 2022


Returning to Houston, this 2-day event offers discussions on DevSecOps, troubleshooting Kubernetes, SRE practices & even career tips!


View schedule »

Kyverno Workshop: Intro to Kubernetes-Native Policy Management

Detroit | Oct 25, 2022 @ 5pm


Attending KubeCon? Register for our hands-on workshop to learn the fundamentals of Kyverno and Kubernetes policy management. Expect to learn Kyverno architecture plus how to write & use policies.


Register now »

Detroit | Oct 25 @ 4pm


DevSecOps Meetup @ KubeCon


Enjoy food, drinks & networking as we discuss K8s security best practices – including policy-based governance, risk management & compliance. No KubeCon badge required, but space is limited so please RSVP now!

RSVP now →

Nirmata Inc., 6203 San Ignacio Avenue Suite 110, San Jose, CA 95119, United States

Unsubscribe Manage preferences