Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

tigera

Calico Egress Gateway: Universal Firewall Integration for Kubernetes

May 27, 2020 By John Armstrong In Tigera

New applications and workloads are constantly being added to Kubernetes clusters. Those same apps need to securely communicate with resources outside the cluster behind a firewall or other control point. Firewalls require a consistent IP, but routable IPs are a limited resource that can be quickly depleted if applied to every service.

Read Post
teleport

How We Built SELinux Support for Kubernetes in Gravity 7.0

May 20, 2020 By Dmitri Shelenin In Teleport

As one of the engineers on the Gravity team here at Gravitational, I was tasked with adding SELinux support to Gravity 7.0, released back in March. The result of this work is a base Kubernetes cluster policy that confines the services (both Gravity-specific and Kubernetes) and user workloads. In this post, I will explain how I built it, which issues I ran into, and some useful tips I’d like to share. Specifically, we will look at the use of attributes for the common aspects of the policy.

Read Post

Network Security for D2iQ Konvoy

May 19, 2020 By Tigera In Tigera
By default, pods are non-isolated; they accept traffic from any source. The D2iQ Konvoy solution to this security concern is Network Security Policy that lets developers control network access to their services. D2iQ Konvoy comes preconfigured with Network Security Policy using Project Calico which can be used to secure your clusters. This class will describe a few use cases for network policy and a live demo implementing each use case.
View Video
splunk

Approaching Kubernetes Security - Detecting Kubernetes Scan with Splunk

May 12, 2020 By Rod Soto In Splunk

The Kubernetes framework has become the leading orchestration platform. Originally developed by Google, Kubernetes is a "platform for automating deployment, scaling, and operations of application containers across clusters of hosts" * . The kubernetes platform is used in all Cloud platform provider vendors as a tool that allows orchestration, automation and provision of applications and specific needs computing clusters and services.

Read Post

How to Implement Network Policy in Google GKE to Secure Your Cluster

May 7, 2020 By Tigera In Tigera
By default, pods are non-isolated; they accept traffic from any source. The Google GKE solution to this security concern is Network Security Policy that lets developers control network access to their services. Google GKE comes configured with Network Security Policy using Project Calico which can be used to secure your clusters. This class will describe a few use cases for network security policy and a live demo implementing each use case.
View Video

Getting up and running with Calico Host Micro segmentation Protection on AWS

May 7, 2020 By Tigera In Tigera
In this online training, we will explain how to install and configure Calico on a vm/host to apply network policy to resources outside your K8s cluster. The talk will be primarily a walkthrough and demo and you will receive all manifests and instructions to do the demo on your own after the session.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.