Hi there,

A quick highlight of this month's newsletter is the strategic partnership with CoreStack. This strategic alliance enables autonomous governance of Kubernetes resources for security and compliance for the Enterprises. We included the press release below, amazing things around this partnership are coming shortly!

Along with this press release, we had a couple of webinars, blogs, and content to share as well! 

- Nirmata team 

Live and On-Demand Events

Kubernetes Governance Landscape and Challenges

There are two governance dimensions: policy scope (where a specific rule should be applied, enforced or verified) and policy targets (what should be enforced and verified). During this on-demand panel, led by Techstrong Group CCO Mike Vizard discuss the current Kubernetes governance landscape and ways in which organizations can, and should, approach what has become a critical element in successful Kubernetes adoption. Watch the on-demand here.

AWS Container Series: Kubernetes policy with Kyverno 

Join Jim Bugwadia and the AWS container crew and see what you can do to enforce your policy as code with Kyverno. They'll walk you through how you can create policy to enforce whatever workload and Kubernetes object

Watch the on-demand here.

Software Supply Chains and DevSecOps  

Attacks on software supply chains have greatly accelerated the rate at which organizations are now embracing DevSecOps best practices to secure both legacy monolithic and emerging cloud-native applications. Watch this on-demand and hear how you can incorporate best practices around supply chains for DevOps organizations. Watch the on-demand here.

Blogs

Achieving the NSA Kubernetes Hardening Guidelines with Kyverno

The Kubernetes Hardening Guidance is particularly helpful for developers working on high-level national security systems and applies to various Kubernetes deployments. Here are the key items DevOps specialists should take away from the hardening guide and how Kyverno helps achieve the Kubernetes hardening guidelines. Read the blog here. 

A MAP for Kubernetes Supply Chain Security

The sharp increase in software supply chain attacks has made securing the build and delivery of software a critical topic. But what does this mean for Kubernetes DevOps teams tasked with securing their continuous delivery pipelines and clusters? To get started with securing a Kubernetes supply chain there are four things you will need to consider: Artifacts, Metadata, Attestations, and Policies (A-MAP). Read the blog here. 

Signing and Verifying Images to Secure CICD Pipelines using Sigstore and Kyverno  

How can we improve supply chain security signing for my container images, in an open, accessible, and transparent manner? How can we store these signatures in a safe and organized way? And then how can we ensure that no one can deploy in my Kubernetes clusters malicious images that can be a risk to my entire software supply chain? Let's get started in with Roberto Carratalá from Red Hat.

And More...

Kyverno Certification

We launched Kyverno Certification program during KubeCon North America. Since then we have had 500 people registered for the certification. Don't wait, take the certification and claim your badge!

Nirmata Enterprise Subscription for Kyverno.

With over 7 million Kyverno downloads deployed over hundreds of organizations, the open-source tool is becoming the de facto standard for policy configuration and management for cloud-native enterprises. Meet Nirmata Enterprise Subscription for Kyverno! Which includes commercial support, and training for Kyverno.