Safeguard
Tag

admission-controller

Safeguard articles tagged "admission-controller" — guides, analysis, and best practices for software supply chain and application security.

6 articles

Container Security

Security implications of Kubernetes operators

Kubernetes Operators run with elevated, cluster-wide privilege by design. IngressNightmare, Argo CD, and cert-manager CVEs show what happens when that trust is abused.

Jun 22, 20267 min read
Tutorials

Getting Started: Safeguard Kubernetes Admission

Deploy the Safeguard admission controller to block images with unresolved critical vulnerabilities before they run in your cluster.

Feb 19, 20267 min read
Container Security

How to implement Kubernetes Pod Security Standards

A step-by-step guide to implementing Kubernetes Pod Security Standards, from auditing pods to enforcing restricted mode and migrating off PSP.

Feb 19, 20268 min read
Kubernetes Security

Kubernetes Pod Security Standards: From PodSecurityPolicy to the New Admission Controller

PodSecurityPolicy is dead. Pod Security Standards replaced it. Here is what changed, what the three levels mean, and how to migrate without breaking your clusters.

Dec 8, 20226 min read
Container Security

Kubernetes Admission Controllers for Supply Chain Policy

Admission controllers are the only Kubernetes enforcement point that sees every workload before it runs. That makes them the right place to enforce image provenance, signing, and SBOM policies.

Sep 18, 20226 min read
Kubernetes Security

Kubernetes Supply Chain Policy Engines: Enforcing What Gets Deployed

Scanning for vulnerabilities means nothing if you cannot enforce the results. Supply chain policy engines in Kubernetes turn security findings into hard deployment gates.

Jun 8, 20226 min read
admission-controller — Safeguard Blog