Safeguard
Tag

kubernetes-security

Safeguard articles tagged "kubernetes-security" — guides, analysis, and best practices for software supply chain and application security.

125 articles

Container Security

What is Kubernetes Pod Security

Pod Security Standards replaced PodSecurityPolicy in Kubernetes 1.25. Here's what Kubernetes pod security means and how to enforce it in production.

Mar 18, 20266 min read
Container Security

What Are Kubernetes Admission Controllers

Kubernetes admission controllers intercept every API request before it hits etcd. Here's how validating and mutating webhooks work, what's enabled by default, and where they fail.

Mar 18, 20266 min read
Cloud Security

What is Cloud Native Security

Cloud native security explained: what it is, the 4C's model, real breach examples, SBOM requirements, and the tools that secure containers and Kubernetes.

Mar 18, 20267 min read
Container Security

What is Helm Chart Security

Helm chart security means finding and fixing the RBAC, secrets, and supply chain risks baked into Kubernetes' most-used packaging format.

Mar 17, 20267 min read
Infrastructure Security

What is GitOps Security

GitOps turns your Git repo into the source of truth for production, so one bad commit or stolen credential can mean a full cluster takeover.

Mar 11, 20267 min read
DevSecOps

GitOps

What is GitOps? A clear definition of the Git-driven deployment model, how it differs from DevOps, and what its security model protects against.

Feb 24, 20268 min read
Compliance

CIS Benchmarks

A precise definition of CIS Benchmarks, how they differ from CIS Controls, and what compliance scanning against them looks like in real environments.

Feb 23, 20267 min read
Container Security

Container escape

A container escape lets attackers break out of a container into the host or other workloads. Learn how these attacks work, real CVEs, and Kubernetes risk.

Feb 22, 20267 min read
Container Security

Kubernetes admission controller

A Kubernetes admission controller intercepts API requests before they're persisted, enforcing policy on Pods, images, and configs before workloads ever run.

Feb 22, 20267 min read
Container Security

How to configure Kubernetes network policies

A step-by-step guide to configuring Kubernetes network policies: enabling Calico, building a default-deny baseline, allow-listing traffic, and verifying enforcement.

Feb 21, 20268 min read
Cryptography

How to set up HashiCorp Vault for secrets management

A step-by-step guide to set up HashiCorp Vault for secrets management, covering installation, dynamic secrets, Kubernetes integration, and verification steps.

Feb 20, 20267 min read
Container Security

How to implement Kubernetes Pod Security Standards

A step-by-step guide to implementing Kubernetes Pod Security Standards, from auditing pods to enforcing restricted mode and migrating off PSP.

Feb 19, 20268 min read
kubernetes-security (Page 6) — Safeguard Blog