Sigstore Sets Out to Secure Cloud-Native Supply Chain
Open source software (OSS) is pervasive — 90% of companies are now using OSS. But this reliance is a double-edged sword. Amid rising software supply chain attacks, we’re witnessing the fragility of ...
Red Hat Adds Developer Tools to Extend DevSecOps Reach
Red Hat added three new developer tools, expanding its DevSecOps portfolio for building secure cloud-native applications ...
Best of 2023: Why Container Runtimes Still Matter
Runtime features are essential for innovation and feature development for the Kubernetes cloud ...
Best of 2022: The Fathers of Kubernetes: Where Are They Now?
As we close out 2022, we at Container Journal wanted to highlight the most popular articles of the year. Following is the latest in our series of the Best of 2022. Kubernetes, ...
Introduction To Flux
GitOps has become a chosen strategy for releasing and deploying cloud-native microservices. The goal of GitOps, a term coined by Alexis Richardson, CEO of Weaveworks, in 2017, is to “make operations automatic ...
Kyverno vl.8.0: Native Pod Security, YAML Signing, and More
Following on the heels of the 1.7 release of Kyverno, the Kyverno team is proud to present version 1.8.0 which is another huge leap forward not just in terms of features and ...
Optimizing Developer Impact on K8s Security
Kubernetes just passed its eighth birthday (hope you didn’t forget to send a card). In that time, the DevSecOps movement has decisively shifted security left. The evolution continues to add work to ...
The State of K8s Software Supply Chain Attacks
Securing the software supply chain is in the zeitgeist, and for a good reason. Software supply chain attacks grew by more than 300% from 2020 to 2021. Supply chain attacks continue to ...
Securing the Software Supply Chain For Policy-as-Code
Since emerging as a graduated CNCF project last year, the Open Policy Agent (OPA) project has been adopted in a wide variety of scenarios: Kubernetes admission control (gatekeeper), policy enforcement over configuration ...
Red Hat Delivers on Open Source Security Promise for K8s
At the KubeCon + CloudNativeCon Europe 2022 conference, Red Hat this week made good on a promise to make Red Hat Advanced Cluster Security for Kubernetes available as an open source project ...