Addressing the Latest Kubernetes NGINX Ingress Controller CVE-2024-7646 Vulnerability
Nirmata Blog
by Anudeep Nalla
2w ago
A new Kubernetes vulnerability, CVE-2024-7646, has recently been identified and demands urgent attention from security professionals and DevOps teams. This vulnerability severely threatens the security of systems using the widely adopted ingress-nginx controller, potentially allowing attackers to bypass annotation validation and gain unauthorized access to...
Kubernetes Policy Driven Resource Optimization with Kyverno
Nirmata Blog
by Boris Kurktchiev
3w ago
Introduction: As organizations increasingly turn to Kubernetes to deploy and manage containerized applications, they face unique challenges in efficiently allocating resources. The dynamic nature of Kubernetes often leads to inefficient defaults, underperforming applications, and inflated cloud bills. While Kubernetes and the CNCF ecosystem provide...
From Gatekeepers to Enablers: The Transformation of Security Teams in Cloud-Native Environments
Nirmata Blog
by Ritesh Patel
1M ago
Background: The rapid adoption of cloud-native technologies, including containers, microservices, and Kubernetes, has transformed how organizations develop and deploy applications. These technologies offer numerous benefits, such as increased scalability, flexibility, and speed. However, they also introduce new security challenges, requiring organizations to rethink their security...
Strengthening AWS ECS Security with Nirmata’s Best Practices Policy Enforcement
Nirmata Blog
by Nirmata Team
1M ago
The AWS ECS Landscape: Amazon Web Services (AWS) Elastic Container Service (ECS) is a highly scalable, high-performance container orchestration service that supports Docker containers. ECS is not just a tool but a comprehensive solution that simplifies the deployment, management, and scaling of containerized applications, providing...
Navigating the Post-VMware Era: Accelerating Cloud Migration with Nirmata Policy Manager
Nirmata Blog
by Ritesh Patel
1M ago
In the wake of Broadcom’s acquisition of VMware, many organizations are accelerating their migration to the cloud to sidestep potential price hikes and maintain cost efficiency. This transition, however, is far from straightforward. Businesses must decide which workloads should remain in virtual machines (VMs) and...
Applying the DRY Principle to Kyverno Policies
Nirmata Blog
by Jim Bugwadia
1M ago
The Don’t Repeat Yourself (DRY) principle of software development advocates avoiding repetition of code that is likely to change. Replacing similar code with reusable abstractions makes software easier to maintain, and avoids bugs. In this post, I will show you a couple of ways to apply the DRY principle in Kyverno policies, which are written in YAML. DRY Using Variables: Kyverno policies can declare and reuse variables. Consider this policy that mutates various container types in a Pod, to add a memory request if one is not specified. The policy rule iterates over a list of contai...
SecOps Automation in Openshift Clusters using Kyverno
Nirmata Blog
by Anusha Hegde
2M ago
Guest Contributors: Benoit Schipper (HCS), Marcel Booms (HCS). OpenShift’s Built-In Security Features: OpenShift is renowned for its robust out-of-the-box security features, including Role-Based Access Control (RBAC), built-in network policies, and default admission controllers. These features collectively establish a secure default state for OpenShift clusters. However, it is crucial to recognize that security is a dynamic and evolving process. There are always areas for improvement, particularly in addressing specific organizational requirements, supply chain security, and continuous complian...
Why You Should Use Nirmata Enterprise for Kyverno (N4K)
Nirmata Blog
by Ritesh Patel
2M ago
Kyverno, an open source CNCF policy engine created by Nirmata, has seen rapid adoption as it helps enterprises ensure the security, compliance, and governance of their Kubernetes clusters and cloud-native infrastructure and applications. However, using open-source Kyverno in mission-critical environments poses several challenges that can hinder operational efficiency and security. Often platform teams end up spending a lot of time keeping up with various Kyverno releases and are burdened with ensuring Kyverno meets their security and compliance requi...
Multi-Cluster Policy Exception Management with Nirmata
Nirmata Blog
by Anusha Hegde
2M ago
What is a Policy Exception? Often, only some policies and rules the security or platform team defines are universally applicable. Sometimes, a developer needs an exception from a specific policy or rule for a particular application or namespace, such as for debugging or doing a PoC. Without a policy exception, the only options are to turn off the policy or exclude the namespace, requiring policy modifications. This is where Kyverno’s PolicyException becomes useful. PolicyException is a custom resource in Kyverno that allows bypassing specific policies and rules. You can define a policy excepti...
Top 10 reasons why Policy-as-Code is essential for cloud-native success
Nirmata Blog
by Ritesh Patel
2M ago
Policy-as-Code (PaC) is revolutionizing the way organizations manage and enforce policies. PaC involves writing policies in code, which can be automatically enforced, managed, and audited using software development practices. By defining policies as code, organizations can ensure consistency, scalability, and reliability in their infrastructure and applications. Enforcing policies can enhance the overall security posture by eliminating misconfigurations and preventing insecure settings. What is Policy-as-Code? Policy-as-Code is the practice of defining and managing policies through code rathe...
