<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=521127644762074&amp;ev=PageView&amp;noscript=1">

Fairwinds Blog

Featured Post

3 Things to Know about FinOps and Kubernetes

6 minute read | September 22, 2022

Recently I undertook the FinOps Foundation training and became certified. If you are looking to expand your FinOps knowledge, I’d highly recommend it. The training is vast...

Read More
Security
6 minute read
| September 8, 2022

Kubernetes Security, Cost Avoidance and Policy Go Hand in Hand

Kubernetes security continues to be one of the biggest concerns for organizations adopting the technology. Security teams are learning Kubernetes while DevOps and developers... Read More
Security
4 minute read
| September 1, 2022

Why Infrastructure-as-Code Scanning Matters for Kubernetes Configuration

Infrastructure as code (IaC) is the ability to provision and manage infrastructure using a configuration language. It offers the repeatability, transparency, and testing of... Read More
Security
3 minute read
| August 4, 2022

Mitigate Kubernetes Risk with Vulnerabilities Explorer

For DevOps security leaders, knowing what vulnerabilities exist in Kubernetes clusters is critical, but only part of the problem. Once risks are identified, a plan of action... Read More
Security
3 minute read
| July 22, 2022

Kubernetes Security Alerts that Actually Matter

The Cost of Ignoring Security Alerts One of the bigger character flaws that I have is that I buy very old vehicles because I hate owning new things. Most of the time this is... Read More
Security
3 minute read
| July 19, 2022

Do You Have Kubernetes Security Blind Spots?

Kubernetes is Still New to Most People I managed to make it to my 30s before I had to buy a house and there are loads of reasons I wish I never had one.  Read More
Security
5 minute read
| June 15, 2022

NSA Kubernetes Hardening Guide: Upgrade and Application Security

Our NSA Kubernetes Hardening Guide series has looked at pod security, network access, authentication and authorization, audit logging and threat detection. In the final... Read More
Security
5 minute read
| June 10, 2022

NSA Kubernetes Hardening Guide: Audit Logging and Threat Detection Overview

In our series on the NSA Kubernetes Hardening Guide, we’ve looked at pod security, network access and authentication and authorization. Today we look at the audit logging and... Read More
Security
3 minute read
| May 24, 2022

Kubernetes Vulnerability Management: Keep Third-party Images Up-to-Date

The Kubernetes ecosystem is built on a vast array of open source technologies. Kubernetes itself is one of the largest open source projects, and a community of tools and... Read More
Security
3 minute read
| January 5, 2022

How Fairwinds Insights Can Help You Identify log4j Container Vulnerabilities

The zero-day vulnerability known as log4j has been described as one of the most serious security issues in recent years, allowing attackers to remotely execute code and gain... Read More
Security
3 minute read
| December 22, 2021

A Fairwinds Security Statement on The Apache log4j Vulnerability

As we head into the new year, I want to share some recent concerns around the log4j vulnerability and the ongoing security of our Fairwinds software. It is critical that our... Read More
Security
4 minute read
| October 20, 2021

Is Kubernetes Service Ownership the Key to Better Container Security?

In the world of software development and Kubernetes, service ownership means development teams take responsibility for supporting the products they deliver, at every stage of... Read More
Security
6 minute read
| August 10, 2021

A Brief Overview of the NSA Kubernetes Hardening Guide

The National Security Agency (NSA) released its Kubernetes Hardening Guide in August 2021 (and updated it in March 2022) with recommendations for hardening Kubernetes clusters Read More