Use IP allowlisting for a basic perimeter, combine with OIDC for identity verification.
Use IP allowlisting for a basic perimeter, combine with OIDC for identity verification, and consider zero trust overlays like OpenZiti for scalable security.
Implement RBAC audits by enforcing policies with Kyverno, validating access controls.
Implement RBAC audits by enforcing policies with Kyverno, validating access controls, and maintaining audit trails to meet compliance requirements.
Falco detects runtime threats in Kubernetes but requires deliberate tuning and alerting integration to avoid drowning in noise.
Falco detects runtime threats in Kubernetes but requires deliberate tuning and alerting integration to avoid drowning in noise.
A practical guide for platform engineers to manage vendor pitches efficiently at KubeCon.
A practical guide for platform engineers to manage vendor pitches efficiently at KubeCon.
The AlwaysDeny authorizer mode in Kubernetes does not deny requests as expected due to its design to return NoOpinion.
The AlwaysDeny authorizer mode in Kubernetes does not deny requests as expected due to its design to return NoOpinion, requiring configuration adjustments.
Preventative maintenance, routine care, and repairs for Kubernetes & OpenShift clusters
I’m a Red Hatter working as a Solutions Architect, formerly a Senior Cloud Success Architect, with a focus on and passion for OpenShift and Ansible. Previous life? Cloud Advanced Technology Lead & Big Data Engineer for Lockheed Martin Space, IT/IS Data Center Manager for Lockheed Martin IS&GS, and Senior Infrastructure Designer/Administrator for the City of Gainesville & City of Alachua.
Learn More
Share this post
Twitter
Google+
Facebook
Reddit
LinkedIn
StumbleUpon
Pinterest
Email