In the dynamic landscape of cloud-native cybersecurity, image scanning has become essential to ensuring the safety and integrity of cloud workloads and digital assets. Historically, image scanners focus on finding vulnerabilities (CVEs) that may be the cause of exploits in Kubernetes workloads. However, there’s a significant gap that often goes unnoticed. This gap is the lack of comprehensive scanning for malware, viruses, crypto miners, and other malicious threats.

Among other things, the OWASP organization delivers reports on the Top 10 most prevalent and important security risks for web-based software development. In 2019 they started reporting on the Top 10 API Security risks and refreshed that list in 2023. In this blog we describe how OPA/Styra can help with 9 of the 10 risks, and for each one we rate how impactful OPA/Styra is: Below we detail each of these 10 risks and briefly how to address them with OPA and Styra.

Internet Protocol version 6 (IPv6) is a network layer protocol that facilitates communication across the internet by assigning unique IP addresses to each device for identification and location purposes. With the onset of the digital era in the 1990s, the limitations of IPv4 addresses in accommodating the escalating demand became evident. Consequently, the Internet Engineering Task Force (IETF) embarked on developing the next-generation internet protocol, leading to the emergence of IPv6.

CloudCasa by Catalogic can be installed on Azure Kubernetes Service (AKS) clusters using Ubuntu and perform migrations to Azure Linux as the host operating system. The Azure Linux container host for AKS is a lightweight, secure, and reliable OS platform optimized for performance on Azure.

Hardening a Linux server is the process of enhancing its security and reducing its attack surface by applying various configurations, policies, and tools. A hardened Linux server is more resilient to cyber threats and less prone to compromise.

We open sourced Teleport in 2015 with a mission to secure access to infrastructure. It has since become a popular open source project with over 15,000 GitHub stars and is licensed under AGPLv3. We have been offering the stable releases of the Teleport Community Edition binaries and images distributed under the permissive Apache 2.0 license.

In a world where data privacy has become a paramount concern, BlockSurvey stands out as a beacon of trust and security. Committed to empowering users with complete ownership over their data, BlockSurvey faced the challenge of ensuring enterprise-level security and privacy for its customers. The solution? BoxyHQ’s Single Sign-On powered by the open-source SAML Jackson.

In the ever-changing world of Kubernetes security, it’s crucial to stay ahead of threats while maintaining operational efficiency. That’s why we’re excited to introduce our latest feature: Auto-Generated Kubernetes Network Policy, based on application runtime behavior, powered by eBPF (extended Berkeley Packet Filter) technology. With this addition, organizations can easily apply native Kubernetes network rules without worrying about disrupting their production systems.