<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=521127644762074&amp;ev=PageView&amp;noscript=1">
3 minute read
| February 14, 2023

New Fairwinds Insights Release: Terraform Scanning

When it comes to security issues, time is of the essence. Platform Engineering teams need to be able to catch issues as early in the deployment process as possible and, at... Read More
8 minute read
| February 14, 2023

Kubernetes Basics Tutorial: Ensure Containers Do Not Run As Root

A container is a unit of software that brings code and all of its dependencies together, making it possible to run the application quickly and reliably in different computing... Read More
8 minute read
| January 23, 2023

An Overview of the NSA Kubernetes Hardening Guide

The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) released the 1.0 version of the Kubernetes hardening guide in August 2021... Read More
14 minute read
| December 13, 2022

The Top Three Kubernetes Security Strategies You Need for 2023

The entire world is trying to move to Kubernetes. At the same time, everyone is afraid that they are going to do something wrong. They fear shipping apps and services that... Read More
2 minute read
| November 3, 2022

CVE-2022-3602 and CVE-2022-3786 OpenSSL Vulnerabilities: Scanning Container Images

On November 1st, 2022, OpenSSL announced a pair of High Severity vulnerabilities in version 3.0.0-3.0.6 of OpenSSL. The vulnerability is a buffer overflow that requires a... Read More
5 minute read
| October 6, 2022

Kubernetes Security vs. Security Theater

Physical Security Checks When I was a kid my father worked for the government and that sent us around the world to some interesting places. One of the places we lived had a... Read More
6 minute read
| September 8, 2022

Kubernetes Security, Cost Avoidance and Policy Go Hand in Hand

Kubernetes security continues to be one of the biggest concerns for organizations adopting the technology. Security teams are learning Kubernetes while DevOps and developers... Read More
4 minute read
| September 1, 2022

Why Infrastructure-as-Code Scanning Matters for Kubernetes Configuration

Infrastructure as code (IaC) is the ability to provision and manage infrastructure using a configuration language. It offers the repeatability, transparency, and testing of... Read More
4 minute read
| August 4, 2022

Mitigate Kubernetes Risk with Vulnerabilities Explorer

For DevOps security leaders, knowing what vulnerabilities exist in Kubernetes clusters is critical, but only part of the problem. Once risks are identified, a plan of action... Read More
3 minute read
| July 22, 2022

Kubernetes Security Alerts that Actually Matter

The Cost of Ignoring Security Alerts One of the bigger character flaws that I have is that I buy very old vehicles because I hate owning new things. Most of the time this is... Read More
3 minute read
| July 19, 2022

Do You Have Kubernetes Security Blind Spots?

Kubernetes is Still New to Most People I managed to make it to my 30s before I had to buy a house and there are loads of reasons I wish I never had one. Read More
5 minute read
| June 15, 2022

NSA Kubernetes Hardening Guide: Upgrade and Application Security

Our NSA Kubernetes Hardening Guide series has looked at pod security, network access, authentication and authorization, audit logging and threat detection. In the final... Read More