Tag
cni
Safeguard articles tagged "cni" — guides, analysis, and best practices for software supply chain and application security.
3 articles
Kubernetes Security
Default-deny NetworkPolicy: closing the pod-to-pod gap in Kubernetes
Kubernetes pods allow all traffic by default, and many clusters' NetworkPolicy YAML silently does nothing because the CNI plugin never enforces it.
Jul 15, 20266 min read
Container Security
What Are Kubernetes Network Policies
Kubernetes clusters default to flat, all-to-all pod networking. Here's how NetworkPolicy objects, CNI enforcement, and default-deny rules actually stop lateral movement.
Mar 19, 20267 min read
Kubernetes Security
Kubernetes Network Policies Deep Dive: From Zero Trust to Microsegmentation
By default, every pod can talk to every other pod. Network policies change that, but most implementations are incomplete. Here is how to build real microsegmentation in Kubernetes.
Aug 18, 20237 min read