May 13, 2021
Secure open source foundations: Flux case
Open source projects usually have a large network of dependencies connected to a code base that will eventually build and compile into a package that may, in turn become the dependency of another project. That is why concerns about open source as a potential vector for critical vulnerabilities have always existed despite Linus’ law. Flux was able to reach a CVE count of zero due to its maintainers limiting the amount of dependencies used....
April 23, 2021
What is DevSecOps and Why is it Important?
Learn what is DevSecOps, why is it needed, and its importance to remain competitive and agile in today’s fast-paced world.
March 30, 2021
Using Cloud-Native BuildPacks for Operational Efficiency
CNB offers a rich capability for building OCI images. Learn about layer caching practices, image inspection, and runtime rebasing.
November 23, 2020
Writing Policies for Pods, Network Objects, and OPA
Learn about writing network policy, rules guiding it, and how it's structured and evaluated. Specify traffic direction in policy and writing policy using Rego.
September 09, 2020
Preventing malicious use of Weave Scope
It was reported this week that TeamTNT hackers are using Weave Scope to aid their intrusions. As Weave Scope is an administration tool it has powerful capabilities making it important for any installation to be secured. We’re going to cover both how Scope is used and how you can mitigate this risk by securing it in any Kubernetes installation.
July 15, 2020
Enforce Ingress Best Practices Using OPA
In this blog article we'll explain how to define policies that ensure that no bad Ingress definitions will be deployed to cluster.
June 25, 2020
Enforce Kubernetes Network Security Policies Using OPA
OPA is a general-purpose, platform-agnostic policy enforcement tool. Read this blog to learn about how to utilize an OPA.
June 16, 2020
Enforce Pod Security Policies In Kubernetes Using OPA
In this article, we're going to demonstrate how you can enforce the most fine-grained security policies using OPA.
June 09, 2020
Integrate OPA Into Your Kubernetes Cluster Using Kube-mgmt
We'll cover how to deploy OPA from scratch, and apply a sample policy that enforces using an Ingress hostname from a whitelist.
June 02, 2020
Integrating Open Policy Agent (OPA) With Kubernetes
Explore how to integrate OPA with Kubernetes and see some examples of the power that this integration can bring to policy enforcement.
May 26, 2020
Introducing Policy As Code: The Open Policy Agent (OPA)
Want to learn what OPA is, what it brings to the table, and how it works? You've come to the right place!
June 20, 2019
Cluster Ready Checklist for Kubernetes
How do you know when you’re ready to run your Kubernetes cluster in production? In this blog series, we define Production Ready checklists for your cluster and applications.
June 13, 2019
Introduction to Kubernetes Security
Weaveworks and Aqua recently held a popular webinar on Kubernetes and Security. Liz Rice of Aqua described how to lock down a cluster and Brice Fernandes of Weaveworks examined how to secure your operations workflows to Kubernetes.
April 02, 2019
Securing Developer Workflows
As modern developers and DevOps teams are embarking on a quest for speed and reliability through automated CICD workflow pipelines for Kubernetes, enterprises still need to ensure security and regulatory compliance.
March 19, 2019
Continuous Security for GitOps
Signup for a webinar with Andrew Martin from ControlPlane and Brice Fernandes from Weaveworks and learn how to secure git for GitOps powered CICD Kubernetes pipelines.
March 05, 2019
New Whitepaper - Hardening Git for GitOps
Download ‘Hardening Git for GitOps’, and learn what the 4 most common threats are, how they can be mitigated and how to secure Git using standard signing techniques and software configuration.
February 26, 2019
Secure GitOps Pipelines for Kubernetes with Snyk and Weaveworks
Join Weaveworks and Snyk in an online webinar to learn why the typical CICD pipeline can be insecure and how by applying a GitOps in combination with Snyk’s automated vulnerability solution can protect you.