SecOps Automation in Openshift Clusters using Kyverno

Guest Contributors: Benoit Schipper (HCS), Marcel Booms (HCS) OpenShift’s Built-In Security Features OpenShift is renowned for its robust out-of-the-box security features, including Role-Based Access Control (RBAC), built-in network policies, and default admission controllers. These features collectively establish a secure default state for OpenShift clusters. However,…


What Is Policy-As-Code? Top 10 Reasons Why Policy-As-Code Is Essential for Cloud-Native Success

What is Policy-as-Code? Policy-as-Code is the practice of defining and managing policies through code rather than through traditional manual processes. These policies can cover a wide range of areas, including security, compliance, and operational best practices. Policy-as-code enables automated policy enforcement, integration with CI/CD pipelines,…


Rapid Mitigation of CVE-2023-2878 with Kyverno and Nirmata Policy Manager

A recently discovered vulnerability (CVE-2023-2878) in the secrets-store-csi-driver component of Kubernetes poses a significant security risk. If exploited, this vulnerability could result in the disclosure of sensitive service account tokens. Service account tokens function as authentication credentials, allowing applications operating within a Kubernetes cluster to…