Kubernetes is an open-source container orchestration tool originally developed by Google for managing microservices or containerized applications across a distributed cluster of nodes. It is widely thought that “Kubernetes is key” to cloud-native application strategies. Kubernetes (K8s) runs over several nodes, and the collection of nodes is called a cluster. K8s clusters allow application developers to orchestrate and monitor containers across multiple physical, virtual, or cloud servers.

Can OpenAI ChatGPT become a contributor for an open source project like Falco? Is this the end of GitHub Copilot? ChatGPT is SO trendy that I overheard my grandma talking about it to her friends the other day. We’re seeing more and more uses of this AI for real world applications. That made us think… Falco, the first runtime security project to join CNCF as an incubation-level project, needs contributors.

Multi-tenancy can maximize the number of resources that are utilized in a cluster by sharing these resources between different groups, teams, or customers. However, boundaries must be placed to avoid problems associated with resource-sharing. On top of that, in a multi-tenant cluster, the number of security policies might gradually grow to the point where a slight misconfiguration could cause major security problems, performance issues, and service disruptions.

Kubernetes observability refers to the ability to monitor and diagnose the performance and behavior of a Kubernetes cluster and its applications. This includes monitoring resource usage, tracking the status of pods and deployments, and identifying and troubleshooting errors. Observability tools for Kubernetes typically include metrics, logging, and tracing capabilities.

Container adoption in enterprises continues to grow, and Kubernetes has become the de facto standard for deploying and operating containerized applications. At the same time, security is shifting left and should be addressed earlier in the software development lifecycle (SDLC). Security has morphed from being a static gateway at the end of the development process to something that (ideally) is embedded every step of the way. This can potentially increase the effort for engineering and DevOps teams.

One of the biggest concerns when using Kubernetes is whether we are complying with the security posture and taking into account all possible threats. For this reason, OWASP has created the OWASP Kubernetes Top 10, which helps identify the most likely risks.

DevOps engineers must handle secrets with care. In this series, we summarize best practices for leveraging secrets with your everyday tools.

Following up from our previous Kubernetes Essential Policy Toolkit Deeper Dive, we’re excited to announce upcoming enhancements to Terraform use cases in Styra DAS and take a deeper dive into the Styra DAS Terraform policy toolkit. With the enhanced Styra DAS Terraform policy toolkit, we’re making it even easier for platform engineering and cloud infrastructure teams to support their company’s application developers while delivering secure and compliant infrastructure configurations.

Today, we launched Enterprise OPA, an enterprise-grade OPA distribution built to provide resource-efficient performance for data-heavy authorization. Designed to mitigate the effects of data-heavy workloads, our new offering allows you to reduce infrastructure costs, optimize authorization performance and minimize enterprise risk with powerful live impact analysis, while connecting natively to existing data sources.