<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=521127644762074&amp;ev=PageView&amp;noscript=1">

Fairwinds Blog

Featured Post

Understanding AWS End of Service Life Is a Key FinOps Responsibility

6 minute read | April 17, 2024

Amazon Web Services (AWS) announced extended support prices for Amazon Elastic Kubernetes Service (EKS), prompting some businesses to reevaluate how they manage their cloud...

Read More
Security
24 minute read
| March 10, 2023

Why you Need Kubernetes Security Policy Enforcement

Securing Kubernetes is a serious topic, both for organizations already implementing Kube and those that are just getting ready to migrate to the open source container... Read More
Security
10 minute read
| March 8, 2023

2023 Benchmark Kubernetes Report: The State of Kubernetes Workload Security

Moving to the cloud remains an important business initiative for organizations around the world. According to the World Economic Forum, digital transformation can enable... Read More
Security
3 minute read
| February 14, 2023

New Fairwinds Insights Release: Terraform Scanning

When it comes to security issues, time is of the essence. Platform Engineering teams need to be able to catch issues as early in the deployment process as possible and, at... Read More
Security
8 minute read
| February 14, 2023

Kubernetes Basics Tutorial: Ensure Containers Do Not Run As Root

A container is a unit of software that brings code and all of its dependencies together, making it possible to run the application quickly and reliably in different computing... Read More
Security
8 minute read
| January 23, 2023

An Overview of the NSA Kubernetes Hardening Guide

The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) released the 1.0 version of the Kubernetes hardening guide in August 2021... Read More
Security
14 minute read
| December 13, 2022

The Top Three Kubernetes Security Strategies You Need for 2023

The entire world is trying to move to Kubernetes. At the same time, everyone is afraid that they are going to do something wrong. They fear shipping apps and services that... Read More
Security
2 minute read
| November 3, 2022

CVE-2022-3602 and CVE-2022-3786 OpenSSL Vulnerabilities: Scanning Container Images

On November 1st, 2022, OpenSSL announced a pair of High Severity vulnerabilities in version 3.0.0-3.0.6 of OpenSSL. The vulnerability is a buffer overflow that requires a... Read More
Security
5 minute read
| October 6, 2022

Kubernetes Security vs. Security Theater

Physical Security Checks When I was a kid my father worked for the government and that sent us around the world to some interesting places. One of the places we lived had a... Read More
Security
6 minute read
| September 8, 2022

Kubernetes Security, Cost Avoidance and Policy Go Hand in Hand

Kubernetes security continues to be one of the biggest concerns for organizations adopting the technology. Security teams are learning Kubernetes while DevOps and developers... Read More
Security
4 minute read
| September 1, 2022

Why Infrastructure-as-Code Scanning Matters for Kubernetes Configuration

Infrastructure as code (IaC) is the ability to provision and manage infrastructure using a configuration language. It offers the repeatability, transparency, and testing of... Read More
Security
4 minute read
| August 4, 2022

Mitigate Kubernetes Risk with Vulnerabilities Explorer

For DevOps security leaders, knowing what vulnerabilities exist in Kubernetes clusters is critical, but only part of the problem. Once risks are identified, a plan of action... Read More
Security
3 minute read
| July 22, 2022

Kubernetes Security Alerts that Actually Matter

The Cost of Ignoring Security Alerts One of the bigger character flaws that I have is that I buy very old vehicles because I hate owning new things. Most of the time this is... Read More