<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=521127644762074&amp;ev=PageView&amp;noscript=1">
7 minute read
| March 17, 2023

Fairwinds Insights Basics Tutorial: Check Kubernetes Configuration for Privilege Escalation

Securing Kubernetes workloads is a critical aspect of increasing your overall cluster security. The goal is to ensure that your containers are running with minimal privileges... Read More
10 minute read
| March 14, 2023

Fairwinds Insights Basics Tutorial: Avoid Containers Running with Dangerous Capabilities

Containers are standard units of software that package code and its related dependencies to enable applications to run reliably in different computing environments. Container... Read More
24 minute read
| March 10, 2023

Why you Need Kubernetes Security Policy Enforcement

Securing Kubernetes is a serious topic, both for organizations already implementing Kube and those that are just getting ready to migrate to the open source container... Read More
10 minute read
| March 8, 2023

2023 Benchmark Kubernetes Report: The State of Kubernetes Workload Security

Moving to the cloud remains an important business initiative for organizations around the world. According to the World Economic Forum, digital transformation can enable... Read More
3 minute read
| February 14, 2023

New Fairwinds Insights Release: Terraform Scanning

When it comes to security issues, time is of the essence. Platform Engineering teams need to be able to catch issues as early in the deployment process as possible and, at... Read More
8 minute read
| January 23, 2023

An Overview of the NSA Kubernetes Hardening Guide

The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) released the 1.0 version of the Kubernetes hardening guide in August 2021... Read More
14 minute read
| December 13, 2022

The Top Three Kubernetes Security Strategies You Need for 2023

The entire world is trying to move to Kubernetes. At the same time, everyone is afraid that they are going to do something wrong. They fear shipping apps and services that... Read More
2 minute read
| November 3, 2022

CVE-2022-3602 and CVE-2022-3786 OpenSSL Vulnerabilities: Scanning Container Images

On November 1st, 2022, OpenSSL announced a pair of High Severity vulnerabilities in version 3.0.0-3.0.6 of OpenSSL. The vulnerability is a buffer overflow that requires a... Read More
5 minute read
| October 6, 2022

Kubernetes Security vs. Security Theater

Physical Security Checks When I was a kid my father worked for the government and that sent us around the world to some interesting places. One of the places we lived had a... Read More
6 minute read
| September 8, 2022

Kubernetes Security, Cost Avoidance and Policy Go Hand in Hand

Kubernetes security continues to be one of the biggest concerns for organizations adopting the technology. Security teams are learning Kubernetes while DevOps and developers... Read More
4 minute read
| September 1, 2022

Why Infrastructure-as-Code Scanning Matters for Kubernetes Configuration

Infrastructure as code (IaC) is the ability to provision and manage infrastructure using a configuration language. It offers the repeatability, transparency, and testing of... Read More
4 minute read
| August 4, 2022

Mitigate Kubernetes Risk with Vulnerabilities Explorer

For DevOps security leaders, knowing what vulnerabilities exist in Kubernetes clusters is critical, but only part of the problem. Once risks are identified, a plan of action... Read More