One of the bigger character flaws that I have is that I buy very old vehicles because I hate owning new things. Most of the time this is fine. The time I drove my Suburban with 250,000 miles on it across the country was... less fine however. And I ended up hitchhiking for a good four hour section across Oklahoma and Texas between cities while I waited for a repair that wouldn't come for weeks. Did I mention my entire family was in tow and we were on our way to a Christmas vacation and the person who picked us up to drive us drove the entire way with a baby in her arms while she steered down the highway?
Turns out I should maybe have heeded that engine light warning.
Unfortunately I had been so desensitized to the warning lights that I no longer knew what was real and what wasn't and ended up 700 miles away from home before it bit me.
If you work in cloud infrastructure, chances are that you too have become desensitized to at least some of the security alerts that you regularly see. It's also unlikely that you'll be bailed out by some kind driver in the middle of nowhere and the cost will only be a few hours delay. Ignoring security alerts could cost you customers, your job, or even your company's reputation. Best to heed those warnings.
So how do you know which alerts actually matter?
If you're using Kubernetes there is a good chance that at some point you're going to employ a software solution that will scan for just about everything that you could possibly be doing wrong. There is always a tradeoff in security between absolute lock down and the ability to iterate quickly. These tradeoffs can be difficult to navigate alone.
A good security solution will prioritize security alerts so you know where to get started, and what can potentially wait. You'll also need a solution that watches for things running in production vs. new problems that might be introduced later on. It's one thing to be driving with an engine that passed QA on its way out the door, it's another to be properly notified when a recall is issued that says this engine might explode.
At Fairwinds we build software that prioritizes issues for you so you know where to begin and what can't wait. Our software enforces guardrails so your developers won't be able to deploy software with known misconfigurations or known vulnerabilities. But it will also alert you when something already running in your environment is later found to be problematic.
You both want to avoid deploying any new workloads using a broken version of Log4j as well as find out what's running in your cluster that is now deemed broken. With Fairwinds Insights you can build compliance dashboards and run regular checks. You can also build automation so you're alerted on any issue that passes a certain threshold of danger. Finally you can mark some alerts as irrelevant either because your organization has decided it's a risk you want to take, or because you know there will be false alerts.
Great software will keep you from breaking down, hitchhiking, or looking for a new job.