An Overview of Kubernetes Security Projects at KubeCon Europe 2023

Release signing—or attestation—was a hot topic at KubeCon among vendors, with many offering their own solutions. One in particular that stood out was CNCF’s recently graduated The Update Framework (TUF).

#Security & Privacy #Monitoring Tools #File Management 4 social mentions

2

Panoptica

If you would rather not install each of the components yourself, then they’re commercially available as part of Cisco Panoptica.

#DevSecOps #Security #Web Application Security 1 social mentions

3

Kubescape

Kubescape is a comprehensive Kubernetes security platform and CNCF sandbox project. It can scan clusters, Helm charts, and YAML manifests to detect misconfigurations. It supports various frameworks, including NSA-CISA, MITRE ATT&CK®, and the CIS Benchmark.

#Developer Tools #Cloud Computing #SaaS 9 social mentions

4

Sysdig Falco

Falco is a well-known open source security solution originally created by Sysdig. It’s a CNCF incubating project and one of the few (as far as I can tell) options on this list that uses eBPF to scan for vulnerabilities.

#Monitoring Tools #Cyber Security #Security 12 social mentions

5

OWASP Dependency-Track

#Security #Code Analysis #Security & Privacy 19 social mentions

6

Anchore

Syft is a popular open source CLI tool created by Anchore for generating an SBOM from container images and filesystems. It’s designed to provide a catalog of dependencies for other tools to use as a data source. It supports many popular programming languages, package managers, and container image formats.

#Security #Security Monitoring #Online Services 5 social mentions