kubernetes-security
Safeguard articles tagged "kubernetes-security" — guides, analysis, and best practices for software supply chain and application security.
125 articles
What is Kubernetes Pod Security
Pod Security Standards replaced PodSecurityPolicy in Kubernetes 1.25. Here's what Kubernetes pod security means and how to enforce it in production.
What Are Kubernetes Admission Controllers
Kubernetes admission controllers intercept every API request before it hits etcd. Here's how validating and mutating webhooks work, what's enabled by default, and where they fail.
What is Cloud Native Security
Cloud native security explained: what it is, the 4C's model, real breach examples, SBOM requirements, and the tools that secure containers and Kubernetes.
What is Helm Chart Security
Helm chart security means finding and fixing the RBAC, secrets, and supply chain risks baked into Kubernetes' most-used packaging format.
What is GitOps Security
GitOps turns your Git repo into the source of truth for production, so one bad commit or stolen credential can mean a full cluster takeover.
GitOps
What is GitOps? A clear definition of the Git-driven deployment model, how it differs from DevOps, and what its security model protects against.
CIS Benchmarks
A precise definition of CIS Benchmarks, how they differ from CIS Controls, and what compliance scanning against them looks like in real environments.
Container escape
A container escape lets attackers break out of a container into the host or other workloads. Learn how these attacks work, real CVEs, and Kubernetes risk.
Kubernetes admission controller
A Kubernetes admission controller intercepts API requests before they're persisted, enforcing policy on Pods, images, and configs before workloads ever run.
How to configure Kubernetes network policies
A step-by-step guide to configuring Kubernetes network policies: enabling Calico, building a default-deny baseline, allow-listing traffic, and verifying enforcement.
How to set up HashiCorp Vault for secrets management
A step-by-step guide to set up HashiCorp Vault for secrets management, covering installation, dynamic secrets, Kubernetes integration, and verification steps.
How to implement Kubernetes Pod Security Standards
A step-by-step guide to implementing Kubernetes Pod Security Standards, from auditing pods to enforcing restricted mode and migrating off PSP.