I had always wanted to use sidecars with Istio or Splunk forwarder in production, but as a Kubernetes maintainer, I knew there was no reliable way of telling Kubernetes to ensure sidecar containers were kept running before and after the main application. In this post I will share the twists and turns of my adventure in addressing this long-standing Kubernetes challenge.

We are excited to announce the preview release of Kubescape 3.0, the next generation of the CNCF Kubernetes security posture management tool. Kubescape 3.0 will add: Most of these features have landed already, with some being finished over the next few weeks. Get ARMO Platform.

Guest post originally published on Kubescape’s blog by Ben Hirschberg. Co-Founder and CTO at ARMO and a Kubescape maintainer. What do you get a piece of software for its second birthday? A brand new blog, of course! And cake. More on the cake later. Kubescape is an open-source Kubernetes security platform that helps you identify and fix security risks, misconfigurations and vulnerabilities in your Kubernetes clusters.

Prioritizing the security of your Kubernetes environment is of utmost importance. As organizations increasingly rely on containerization for their applications, the need for robust security measures is ever-growing. But security doesn’t work in isolation; it should seamlessly blend into your workflow. This is where the integration of ARMO Platform with collaboration tools like Microsoft Teams becomes invaluable.

Recently, the Kubernetes Security Response Committee disclosed three interrelated vulnerabilities affecting the Windows versions of Kubelet and the Kubernetes CSI proxy. These vulnerabilities pose a significant risk, allowing even users with limited permissions to escalate their privileges to administrator level on affected nodes.

Kubernetes has become the de facto platform for orchestrating containerized applications at scale in today’s IT landscape. Its ability to run on various platforms including on-premises, public cloud, and hybrid has made it an essential tool for many organizations. This is particularly true for companies following a multi-cloud strategy, relying on more than one vendor for their cloud computing needs.

With each release, Kubernetes introduces new features and enhancements to improve the user experience and address the evolving needs of its users. Today’s release is no exception. This blog post delves into the security enhancements introduced in Kubernetes 1.28, providing insights into their significance and impact.

How do I keep my Kubernetes cluster secure? I do it with the open-source tool Kubescape – a popular CNCF security tool for Kubernetes. In this video, I go over how you can get started with Kubescape as well as the SaaS platform ARMO.

Kubernetes has become one of the most popular platforms for running cloud-native applications. This popularity is due to several factors, including its ease of use and ability to handle stateless applications. However, running stateful applications, such as databases and storage systems, on Kubernetes clusters is still debatable. In other words, does Kubernetes and its containerized ecosystem provide a solid and reliable infrastructure to run such critical applications?

The challenge of administering security and maintaining compliance in a Kubernetes ecosystem is typically the same: an increasingly dynamic, ever-changing, ephemeral landscape. Changes can be rooted in new approaches to cyberattacks or changing regulations. Kubernetes security requires a complex and multifaceted approach since an effective strategy needs to.