The Container Security Blog on StackRox

The Container Security Blog on StackRox

Previous Sections As we continue the study guide for the Certified Kubernetes Security Specialist (CKS) program, be sure to check out the information and content breakdown from our previous CKS posts: CKS CNCF Announcement and Exam Study CKS Certification Study Guide: Cluster Setup in Kubernetes CKS Certification Study Guide: Cluster ... Read More

Chris Porter, Director of Solutions Engineering at StackRox recently joined Cloud Economist, Corey Quinn on ‘Screaming in the Cloud’ for a chat about eliminating security risks in Kubernetes. You can listen to the conversation in the podcast episode below, or you can read through the transcript that follows, condensed and ... Read More

Previous Sections As we continue the study guide for the Certified Kubernetes Security Specialist (CKS) program, be sure to check out the information and content breakdown from our previous CKS posts: CKS CNCF Announcement and Exam Study Tips CKS Certification Study Guide: Cluster Setup in Kubernetes This blog references tools ... Read More

Kubernetes 1.20 has been released! Congratulations to the Kubernetes release team on this newest version with a release cycle that returned back to a shorter period of 11 weeks following the extended cycle for 1.19 earlier this year. Amid an extremely challenging year and coming on the heels of KubeCon ... Read More

As we dive into studying for the Certified Kubernetes Security Specialist (CKS) program, make sure to understand the test and its structure. A full blog details the Cloud Native Computing Foundation’s (CNCF) announcement about the CKS and its exam structure. CKS CNCF Announcement and Exam Study This blog references tools ... Read More

This week, the Kubernetes Product Security Committee disclosed a new security issue (CVE-2020-8554) that affects every version of Kubernetes. It is medium severity and no patch is available. Kubernetes administrators are advised to (1) limit certain cluster permissions as well as (2) restrict and manually audit external IP usage within ... Read More

This is the last installment in our four-part OpenShift security blog series. Don’t forget to check out our previous blog posts in the series: Part 1 - OpenShift security best practices for designing clusters Part 2 - OpenShift networking and cluster access best practices Part 3 - OpenShift runtime security ... Read More

The State of Kubernetes Security in 2020 There has been a significant shift in the Kubernetes community to security topics in the past year. According to the StackRox State of Container and Kubernetes Security Report, Fall 2020, human error causes most security incidents in Kubernetes, with misconfigurations contributing to roughly ... Read More

The Cloud Native Computing Foundation’s (CNCF) flagship Kubernetes and cloud-native conference went completely virtual this year. KubeCon + Cloud-NativeCon North America took place last week over four days (November 17-21) with many unique sessions and topics. The keynote sessions took place from Wednesday to Friday for 2 hours each. Speaker ... Read More

As we close another inspirational KubeCon and look ahead to future gatherings, let’s also pause to reflect on the accomplishments we’ve achieved together as members of the cloud-native community. For most of us, 2020 was one of the most challenging periods in our personal and professional lives. Most of us ... Read More