Latest from the blog

May 13, 2021

Secure open source foundations: Flux case

Open source projects usually have a large network of dependencies connected to a code base that will eventually build and compile into a package that may, in turn become the dependency of another project. That is why concerns about open source as a potential vector for critical vulnerabilities have always existed despite Linus’ law. Flux was able to reach a CVE count of zero due to its maintainers limiting the amount of dependencies used....

April 23, 2021

What is DevSecOps and Why is it Important?

Learn what is DevSecOps, why is it needed, and its importance to remain competitive and agile in today’s fast-paced world.

March 30, 2021

Using Cloud-Native BuildPacks for Operational Efficiency

CNB offers a rich capability for building OCI images. Learn about layer caching practices, image inspection, and runtime rebasing.

November 23, 2020

Writing Policies for Pods, Network Objects, and OPA

Learn about writing network policy, rules guiding it, and how it's structured and evaluated. Specify traffic direction in policy and writing policy using Rego.

September 09, 2020

Preventing malicious use of Weave Scope

It was reported this week that TeamTNT hackers are using Weave Scope to aid their intrusions. As Weave Scope is an administration tool it has powerful capabilities making it important for any installation to be secured. We’re going to cover both how Scope is used and how you can mitigate this risk by securing it in any Kubernetes installation.

July 15, 2020

Enforce Ingress Best Practices Using OPA

In this blog article we'll explain how to define policies that ensure that no bad Ingress definitions will be deployed to cluster.

June 25, 2020

Enforce Kubernetes Network Security Policies Using OPA

OPA is a general-purpose, platform-agnostic policy enforcement tool. Read this blog to learn about how to utilize an OPA.

June 16, 2020

Enforce Pod Security Policies In Kubernetes Using OPA

In this article, we're going to demonstrate how you can enforce the most fine-grained security policies using OPA.

June 09, 2020

Integrate OPA Into Your Kubernetes Cluster Using Kube-mgmt

We'll cover how to deploy OPA from scratch, and apply a sample policy that enforces using an Ingress hostname from a whitelist.

June 02, 2020

Integrating Open Policy Agent (OPA) With Kubernetes

Explore how to integrate OPA with Kubernetes and see some examples of the power that this integration can bring to policy enforcement.

May 26, 2020

Introducing Policy As Code: The Open Policy Agent (OPA)

Want to learn what OPA is, what it brings to the table, and how it works? You've come to the right place!

June 20, 2019

Cluster Ready Checklist for Kubernetes

How do you know when you’re ready to run your Kubernetes cluster in production? In this blog series, we define Production Ready checklists for your cluster and applications.

June 13, 2019

Introduction to Kubernetes Security

Weaveworks and Aqua recently held a popular webinar on Kubernetes and Security. Liz Rice of Aqua described how to lock down a cluster and Brice Fernandes of Weaveworks examined how to secure your operations workflows to Kubernetes.

April 02, 2019

Securing Developer Workflows

As modern developers and DevOps teams are embarking on a quest for speed and reliability through automated CICD workflow pipelines for Kubernetes, enterprises still need to ensure security and regulatory compliance.

March 19, 2019

Continuous Security for GitOps

Signup for a webinar with Andrew Martin from ControlPlane and Brice Fernandes from Weaveworks and learn how to secure git for GitOps powered CICD Kubernetes pipelines.

March 05, 2019

New Whitepaper - Hardening Git for GitOps

Download ‘Hardening Git for GitOps’, and learn what the 4 most common threats are, how they can be mitigated and how to secure Git using standard signing techniques and software configuration.

February 26, 2019

Secure GitOps Pipelines for Kubernetes with Snyk and Weaveworks

Join Weaveworks and Snyk in an online webinar to learn why the typical CICD pipeline can be insecure and how by applying a GitOps in combination with Snyk’s automated vulnerability solution can protect you.

Previous Next