In a bid to help further improve cloud security, the Open Policy Agent (OPA) and the Secure Production Identity Framework for Everyone (SPIFFE) projects have come to the Cloud Native Computing Foundation (CNCF).

Today, the CNCF Technical Oversight Committee (TOC) voted to accept SPIFFE and SPIRE as incubation-level hosted projects. "Most traditional network-based security tools were not designed for the complexity and sheer scale of microservices and cloud-based architectures," Justin Cormack...

What is SPIFFE? SPIFFE, the Secure Production Identity Framework For Everyone SPIFFE removes the need for application-level authentication and complex network-level ACL configuration. • In this book, security experts and SPIFFE community members provide a deep understanding of...

SPIFFE removes the need for application-level authentication and complex network-level ACL configuration." "Virtual Kubelet is an open source Kubernetes kubelet implementation that masquerades as a kubelet for the purposes of connecting Kubernetes to other APIs.

The CNCF announced the graduation of the Open Policy Agent (OPA) project. OPA went through the standard CNCF graduating process - it was certified for the CII Best Practices Badge, completed multiple security audits Chris Aniszczyk, CTO of the Cloud Native Computing Foundation, noted

Not surprisingly, the CNCF is leading the charge with a myriad of security projects. 2. SPIFFE & SPIRE: Secure identities for workloads. The next important security projects under CNCF SPIFFE and SPIRE are a sign of great progress in network security for cloud-native applications. They poll for new updates, and if there is an update, they download the install files and install the update, often...

In a bid to help further improve cloud security, the Secure Production Identity Framework for Everyone (SPIFFE) and Open Policy Agent (OPA) projects have come to the Cloud Native Computing Foundation (CNCF).

Between the two projects, SPIFFE provides a security specification for securely identifying software systems, while SPIRE is an implementation of the SPIFFE APIs, providing verification of workloads. Beyond the general availability of federated identity, the projects have added a number of features...

REDWOOD CITY, Calif.--(BUSINESS WIRE)--Styra, Inc., the founders of Open Policy Agent (OPA) and leaders in cloud-native authorization, announced today that company OPA maintainers, as well as OPA end users and contributors will deliver nine separate sessions at KubeCon + CloudNativeCon...

The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, today announced the graduation of Open Policy Agent (OPA). OPA has demonstrated widespread adoption, an open governance process, feature maturity, and a strong commitment to...

Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.ioDon't miss KubeCon + CloudNativeCon 2020 events in Amsterdam...

The SPIFFE and SPIRE projects, which recently entered the incubate stage at CNCF, provide an These projects enable organizations to deploy consistent, fine-grained cross-service authentication Below are recordings to the cloud-native identity and SPIFFE-related sessions from HPE Discover

The Cloud Native Computing Foundation (CNCF) accepted OPA as an incubation-level hosted project in April 2019. Fugue has also added support to its product for customer-defined rules written using OPA and Rego. This sets Fugue apart from all other cloud infrastructure policy management...

SPIFFE stands for the Secure Production Identity Framework For Everyone. The project aims to define a framework and standards for identifying and securing communications between app services. According to its GitHub page, SPIFFE includes.

This is a project design I am currently working on to consume SPIFFE(Secure Production Identity Framework For Everyone) bootstrapped trust and identification to provide authorization in a...

Engage with the leaders of Kubernetes, Prometheus, and other CNCF-hosted projects as we set the direction for the cloud native ecosystem. Additionally, he is one of the Chairs for CNCF SIG Contributor Strategy, a member of the Inclusive Naming Initiative, and a Dex maintainer.

The OPA project, created by Styra Inc., achieved graduation from CNCF after completing a security audit, addressing vulnerabilities and defining its own governance. With the emergence of public cloud infrastructure, development teams can, for the first time, deploy, configure and manage their...

OPA can integrate with a number of applications and tools, but it is extremely compatible with Kubernetes. OPA takes input as JSON, is easy to containerize, and supports dynamic configuration, all of which make it well suited to provide policy evaluation for the Kubernetes API service.

OPA is hosted by the Cloud Native Computing Foundation (CNCF) as a sandbox level project. There are many routes to deploying a cloud native application, with CNCF Projects representing a The Update Framework (TUF) helps developers maintain the security of a software update system...

To do cloud-native computing, you need to identify all your workloads, and, more importantly, they need the To aid in this task, the Cloud Native Computing Foundation has adopted the open source SPIFFE What is the community doing to ensure the security of Kubernetes tools and features.

This is another CNCF-supported project that helps to simply running applications and services in a The CNCF's work on open standards is steadily bearing fruit and has enabled cloud providers This is really nobody's fault except for the application developer and he's never been a security expert."

New to Twitter? Two-way (sending and receiving) short codes .@CloudNativeFdn accepted SPIFFE into the CNCF Sandbox, a home for early stage and evolving cloud native projects!

The CNCF's guidelines state that the CNCF helps encourage the public visibility of sandbox projects and facilitate their alignment with existing projects. Helm is currently making a series of changes and updates in preparation for the release of Helm V3, which is expected to happen by the end of the year.

"The Cloud Foundry buildpacks enable Pivotal's enterprise customers to manage application While this is just the beginning of a journey for CNB on the CNCF ecosystem, it is certainly a 8 1/2 Things We Learned at SpringOne Platform: New Ideas and Key Affirmations for the Modern Enterprise.

Good security solutions are few and far between. When something is good, it's good for us for it to end up in the CNCF. TUF makes it harder for Container security was an early concern for teams thinking about containerizing their applications, but Docker, which is nearly synonymous with the rise of the...

The cloud native landscape can be complicated and confusing. Its myriad of open source projects The Cloud Native Computing Foundation (CNCF) has a landscape map that shows the full extent of It became clear early on that Kubernetes was just the beginning and that a swarm of new projects...

Performing service authentication between two applications requires overcoming serious technical obstacles when those applications are running on two different cloud platforms, or when one is SPIFFE and SPIRE aim to solve the issue by providing a common language for service authentication.