KubeCon + CloudNativeCon Europe 2025 in London was a clear signal: platform engineering is no longer just about getting Kubernetes workloads into production. The conversation has matured. As organizations gain confidence running Kubernetes workloads at scale, attention is shifting toward operational excellence—streamlining processes, securing applications and data, reducing costs, and ensuring security and compliance.

At the heart of that evolution is policy—and the buzz around policy-as-code at this event was louder than ever.

Kyverno and Policy as Code Took Center Stage

Kyverno, the CNCF policy engine purpose-built by Nirmata for Kubernetes, had a huge presence at KubeCon London. With a growing community and adoption across enterprises, Kyverno was highlighted in several sessions focused on securing platforms, enforcing standards, and automating governance.

Kyverno: Innovation in Policy as Code

Kyverno continues to solidify its position as the go-to Kubernetes-native policy engine for security, compliance, and operational best practices—and it was front and center at KubeCon.

In a packed session, Kyverno maintainers Vishal and Frank unveiled the latest innovations in Kyverno that align with the evolution of Kubernetes itself. They showcased Kyverno’s new policy formats, which provide enhanced support for Kubernetes Validating Admission Policies (VAP) and Mutating Admission Policies (MAP). This forward-looking compatibility ensures Kyverno remains a future-proof choice as the Kubernetes API landscape evolves.

One of the biggest announcements? Kyverno’s adoption of Common Expression Language (CEL) for policy definition. This integration gives users powerful new ways to author, test, and manage dynamic and expressive policies. Whether you’re just starting out or managing complex enterprise controls, CEL unlocks a whole new level of flexibility and precision.

The session emphasized that Kyverno isn’t just about enforcement—it’s about enabling automation, developer productivity, and scalable governance at every stage of the Kubernetes journey. For more information about how to get started, click here.

Demystifying the Policy Landscape

Another standout session delivered to a packed room with folks standing in the back and sitting on the floor, brought together policy leaders from across the ecosystem: Jim Bugwadia (Kyverno/Nirmata), Rita Zhang (Gatekeeper/Microsoft), Andy Suderman (Fairwinds), and Joe Betz (Google).

Together, they delivered a practical guide to Kubernetes policy as code, cutting through the complexity to show how platform teams can integrate built-in Kubernetes features (such as VAP and MAP) with CNCF policy engines, including Kyverno, OPA/Gatekeeper, and others.

The session made it clear: policy-as-code isn’t just about enforcement—it’s the backbone of platform security, governance, and compliance. It helps unify developer intent with organizational controls in a scalable and automated manner. For teams building internal developer platforms (IDPs), policy is becoming non-negotiable. Learn how your IDP can benefit from policies here.

ContribFest: A Celebration of Community Momentum

One of the standout moments of the week was the Kyverno ContribFest—a hands-on community event that brought together new and experienced contributors to write policies, build integrations, and enhance documentation. The turnout exceeded expectations, and the energy in the room was electric!

Why the overwhelming success? It speaks to a broader shift we’re seeing: Kubernetes users are growing past the initial hurdles of standing up clusters and deploying apps. They are now looking to fix misconfigurations before they occur, standardize best practices across teams, and reduce cloud costs by enforcing smart defaults and cleanup policies.

Policy-as-code is what binds together the goals of security, efficiency, and developer self-service.

Platform Maturity Means Better Tools—and Better Signals

Another project that drew attention was K0rdent from Mirantis, which helps identify misconfigurations and enforce best practices in Kubernetes environments. K0rdent acts as a signal amplifier, detecting risks early and guiding teams toward secure and efficient configurations.

Attendees appreciated how K0rdent makes it easier to adopt policy without needing to start from scratch. The combination of automated scanning, curated rules, and actionable feedback is a significant win for platform engineering teams seeking to enhance their security posture without compromising the developer experience.

Looking Ahead

KubeCon London confirmed what many in the space have felt brewing: as platform engineering matures, governance and security need to evolve with it. Policy engines like Kyverno—and tools like Nirmata Control Hub and K0rdent that extend them—are no longer optional; they’re essential.

We’re excited to see where this momentum takes us, especially as the Kyverno ecosystem continues to grow. If you missed the ContribFest or the Kyverno talks, be sure to check out the recordings. We have curated an entire YouTube playlist of highlights, keynotes, and topical sessions that you can watch and learn from—no travel to London required. Also, please join our upcoming community events. Platform engineering is growing up—and policy is growing with it.

Are you intrigued by what you’ve just read? Nirmata is delighted to see our innovation, Kyverno, basking in the limelight for DevOps and platform engineering teams. Kyverno even comes in a format tailored for enterprise needs – yes, we’re thinking ahead! You can learn more about our solution for policy as code while you’re here. Or reach out to Nirmata for a demo. Ready to get going with Kyverno already? Start a free, 15-Day trial.