A new Kubernetes vulnerability, CVE-2024-7646, has recently been identified and demands urgent attention from security professionals and DevOps teams. This vulnerability severely threatens the security of systems using the widely adopted ingress-nginx controller, potentially allowing attackers to bypass annotation validation and gain unauthorized access to…
Introduction As organizations increasingly turn to Kubernetes to deploy and manage containerized applications, they face unique challenges in efficiently allocating resources. The dynamic nature of Kubernetes often leads to inefficient defaults, underperforming applications, and inflated cloud bills. While Kubernetes and the CNCF ecosystem provide…
Guest Contributors: Benoit Schipper (HCS), Marcel Booms (HCS) OpenShift’s Built-In Security Features OpenShift is renowned for its robust out-of-the-box security features, including Role-Based Access Control (RBAC), built-in network policies, and default admission controllers. These features collectively establish a secure default state for OpenShift clusters. However,…
Introduction Policy Reports are used by Kyverno to store the result of policies and cluster policies that match a resource. Kyverno generates reports during admission request as well as periodically as background scans. They are very helpful in auditing the current state of policy compliance…
A recently discovered vulnerability (CVE-2023-2878) in the secrets-store-csi-driver component of Kubernetes poses a significant security risk. If exploited, this vulnerability could result in the disclosure of sensitive service account tokens. Service account tokens function as authentication credentials, allowing applications operating within a Kubernetes cluster to…
The recent compromise of the XZ compression library underscores the dangers present within modern software supply chains. This incident emphasizes why vigilance and robust security measures are necessities, particularly when utilizing open-source projects. The incident is a first of its kind and will have…
This year, KubeCon + CloudNativeCon Europe 2024 drew over 12,000 tech enthusiasts from the leading cloud native and open source communities, and celebrated the milestone of Kubernetes’ tenth anniversary. Four days with 223 sessions and 90 CNCF project maintainer-hosted sessions provided valuable insights on the…
Introduction Recently, Akamai’s Tomer Peled announced a security threat to Kubernetes clusters, CVE-2023-5528. A user who can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. With a CVSS score of 7.2, this vulnerability presents…
The recent buzz surrounding the actively exploited runc vulnerabilities “Leaky Vessels” (CVE-2024-21626) serves as a timely reminder of two essential container security principles: image trust and comprehensive patching. Let’s delve into why these aspects are crucial for your containerized environments. Trustworthy Images are Foundational: It…
Google Kubernetes Engine (GKE) is a popular tool for managing containerized applications. However, a critical vulnerability has been discovered in GKE that could allow attackers to take control of a Kubernetes cluster. The vulnerability is called “Sys:All” and is caused by a misunderstanding of the…
Radhesh is Managing Partner of Arka Venture Labs. Arka Venture Labs is an Accelerator fund which assists Indian B2B Startups to foray into US by providing a combination of Funding, Mentoring and access to Silicon Valley Ecosystem. Arka Venture Labs was formed in August 2018 and has made 9 investments so far. Prior to starting Arka, Radhesh was Venture Advisor to Blume Ventures, focusing on early stage B2B Startups investments. Before this he was leading the Global Entrepreneur Program, for IBM India and South Asia. He exhibited strong leadership in steering the Startup initiative of IBM from scratch to one of the companies to be reckoned by the Startup ecosystem in India and generating strong revenues for IBM India Cloud business. He has helped many B2B startups scale in their journey by mentoring them, facilitating access to funds and customers.
He has core competency in evaluating startups leveraging technology and advising them on areas of improvement from business and technology standpoint. He conceptualized IBM India`s Startup challenge called IBM India Smartcamp and successfully executed the same. Radhesh has personally curated the startups for the finals, many of whom got funding either for the first time or for their subsequent rounds.He also worked with large enterprises in assisting them in identifying the next generation innovations through joint hackathons and startup challenges.
Prior to this role at IBM he was working as a Software Architect where he was designing Software solutions for Enterprise Clients, ISVs and System Integrators. He created many First of its kind solutions and led several key Sales wins for IBM. Radhesh has strong skills in building strategic relationships with Partner organizations.
Anubhav is VP of Business Development and Customer Success. He has 20+ years of experience in building and growing businesses across service provider, enterprise and commercial sectors. He has led functions in business development, product management, marketing, delivery and operations through his career, and most recently served as GM for the $250M Web-scale Services business at Cisco.
Anubhav is passionate about building new solutions and teams, and growing new market segments. At Cisco, he grew business 30-40% annually for many years while also building new offers, a world class team and a global delivery model.
Throughout his career, Anubhav has straddled technical, operational and business domains to bring new solutions around real-time analytics, operational assessments and network lifecycle management. Most recently, he was involved in bringing in new offers around recently launched Business Critical Services, a $2.5B business for Cisco. Before leaving Cisco, Anubhav signed off with a $350M multi-year deal built entirely around new solutions and engagement model with an innovative commercial structure.
Anubhav brings to Nirmata’s product development and organization an extensive experience developing both custom and standard subscription services, which was significantly formed by his time spent building analytics solutions at Cisco. This perspective on building bleeding edge solutions is evident in his business outlook, which recognizes that best solutions are built with the customers, by listening to them and partnering in risk taking when breaking new ground.
Anubhav holds bachelor’s degrees in both physics and electronics and telecommunications from Mumbai University and an MBA from San Jose State University.
Ritesh Patel is co-founder of Nirmata and has 20+ years experience building and delivering enterprise software solutions and has led highly successful software and business development teams. Ritesh began his career in engineering for high tech firms, and has since migrated to the business side of the operation. In his founding of Nirmata, Ritesh sought to bring his broad spectrum of experience to a single previously unaddressed industry problem through the creation of a new business. To Nirmata’s leadership, Ritesh brings a rare skill set incorporating experience with the entire chain of software development activities. This background has contributed to Nirmata’s commitment to empowering all employees to do the hard work required to deliver tools that solve tough problems.
Prior to Nirmata, Ritesh led business development at Brocade, where he was responsible for defining the firm’s cloud strategy, and oversaw developments that advanced the entire cloud “as-a-service” market. Through cloud and security-related initiatives, Ritesh and his team at Brocade were able to package Brocade’s plethora of IT infrastructure products into enterprise-ready solutions including OpenStack and CloudStack that pioneered widespread cloud computing implementation. In addition to these technical achievements, Ritesh succeeded in creating an extensive partner ecosystem to efficiently match these solutions with urgent customer needs.
Ritesh has also held key technical positions at Trapeze Networks (where he created industry award-winning products), Nortel, and Motorola. Ritesh holds an MBA from UC Berkeley and a master’s degree in computer engineering from Michigan State University.
Damien Toledo is Co-Founder and Vice President of Engineering, overseeing research and development, operations, maintenance, and delivery of Nirmata products. Damien brings over 20 years experience leading global engineering teams and delivering Enterprise grade solutions.
Since 1998 when he arrived in Silicon Valley from France to pursue the possibilities of US startup culture, Damien has held a number of engineering positions at high tech firms, each of which playing a role in the concept development for Nirmata. Building on lessons learned in management transformation at Jetstream Communications in the early 2000s, Damien built the Meru Networks Network Management team and Network Management solution from the ground up as one of the firm’s original members. Meru Networks went public in 2010 (NASDAQ:MERU).
Subsequent to his work at Meru, Damien led the transformation of the engineering team at Netscout to build an agile organization. At Netscout, he championed the adoption of Continuous Integration best practices across a team of 200+ engineers and 7 development sites, which resulted in reducing the software release cycles by 300%. While at Netscout and together with Nirmata co-founder Jim Bugwadia, Damien oversaw the adoption of microservices while searching for solutions to operating quickly in the cloud, and developed the foundations for what would become Nirmata.
Damien holds a master’s degree in computer science from University of Technology of Compiègne.
Jim Bugwadia has 20+ years experience building and leading effective teams and has created software that powers communications systems around the world.
Jim was among the original architects and business leaders within Cisco’s cloud automation practice, where he helped grow revenues to over $250M. During Jim’s tenure, IDC recognized the practice as #1 in global cloud services.
Prior to his work at Cisco, Jim led engineering teams at startups including Pano Logic, a desktop virtualization startup recognized for its innovative design by Wired magazine; Trapeze Networks, a wireless pioneer; and Jetstream Communications, a telecom equipment manufacturer. Jim started his career developing C++ software at Motorola for cellular network infrastructure where his team launched the world’s first cellular telephony that used code division multiplexing to optimize radio frequency usage.
Jim’s passion is to simplify the use of complex systems by providing well designed products that drive mass adoption of new technologies. As software has become mission critical to all businesses, Jim and his co-founders started Nirmata to help enterprises automate the delivery and management of applications. Jim currently develops software in Java, Golang, and Javascript, and is a Certified Kubernetes Administrator who actively participates in Nirmata’s full product lifecycle.
Over the course of his career, Jim has logged over $1.3B in revenue, 6 patent filings, 8 major product launches, and 29 years experience coding.
Jim holds a bachelor’s degree in engineering from Chicago State University and a master’s degree in computer science from the University of Illinois at Chicago.
