Security News

Constellation: Open-source, runtime-encrypted Kubernetes
2022-10-12 04:30

Confidential Computing is a hardware-based technology that shields computer workloads from their environments and keeps data encrypted during processing. In this Help Net Security video, Felix Schuster, CEO at Edgeless Systems, talks about the open-source release of Constellation.

Red Hat backs CNCF project, spills TEE support over Kubernetes
2022-10-10 16:00

Red Hat is backing a Cloud Native Computing Foundation project that aims to improve the security of containers in Kubernetes clusters by running them inside hardware-enforced enclaves. A company blog post says Red Hat is investing in Confidential Containers, which is a relatively new project from the CNCF-backed Confidential Computing Consortium.

Best practices for Kubernetes security in the enterprise market
2022-09-02 04:30

As part of digital transformation, more and more organizations are transforming their application using cloud native architecture to become more agile and accelerate time to market. They are increasingly adopting containers and Kubernetes to do so.

Your organization needs regional disaster recovery: Here’s how to build it on Kubernetes
2022-08-22 15:04

Every organization should have a business continuity plan, and a key component of your business continuity policy should be regional disaster recovery, which places a secondary IT environment far enough away from your primary site that it won't be affected by the same disaster. Why you should meet regional recovery needs with Kubernetes.

Organizations grew to love Kubernetes: Usage in production is high
2022-08-05 03:00

Kubernetes is delivering business value and is set to win an increasing share of production workloads, with almost all respondents to a Dimensional Research study saying they plan to scale and diversify their Kubernetes infrastructures in some way in the coming year. With growth comes increased complexity, and already those respondents that have the most extensive use of Kubernetes - with more clusters and more distributions, across more environments such as edge and with more software elements in their 'stack' such as monitoring, security, ingress or service mesh - are experiencing more significant challenges.

Kubernetes security: Shift-left strategies and simplifying management
2022-07-28 12:59

Kubernetes security is essentially a collection of techniques, strategies, and technologies created to protect the Kubernetes platform and the containers it handles. Kubernetes security addresses three main concerns: the K8s API, best practices for pod container security, and the 4 C's of cloud-native security, namely container, cluster, code, and the cloud itself.

AWS ups security for Elastic Block Store, Kubernetes service
2022-07-27 17:00

Amazon's cloud platform is extending security capabilities for a couple of its widely used services; Amazon Elastic Block Store and Amazon Elastic Kubernetes Service. Amazon GuardDuty is described as a threat detection service that can continuously monitor AWS accounts and workloads for malicious activity, and can initiate automated responses.

Amazon squashes years-old authentication bugs in AWS Kubernetes service
2022-07-12 18:45

AWS fixed three authentication bugs present in one line of code in its IAM Authenticator for Kubernetes, used by the cloud giant's popular managed Kubernetes service Amazon EKS, that could allow an attacker to escalate privileges within a Kubernetes cluster. Amazon updated all EKS clusters worldwide as of June 28, and the new version of the AWS IAM Authenticator for Kubernetes fixes the flaw.

Over 900,000 Kubernetes instances found exposed online
2022-06-28 10:39

Over 900,000 misconfigured Kubernetes clusters were found exposed on the Internet to potentially malicious scans, some even vulnerable to data-exposing cyberattacks. Researchers at Cyble have conducted an exercise to locate exposed Kubernetes instances across the itnernet, using similar scanning tools and search queries to those employed by malicious actors.

How to properly adopt and manage Kubernetes in production
2022-06-20 05:00

Kubernetes is a very important technology in the marketplace because vendors, ISVs, end users and enterprises are all able to come together and use this common infrastructure substrate to build their product on. In this video for Help Net Security, Alex Jones, Director of Kubernetes Engineering at Canonical, talks about properly adopting and managing Kubernetes in production.