BoxBoat Blog

Service updates, customer stories, and tips and tricks for effective DevOps

Category: Security

Secure Kubernetes Microservices Communication with Istio and OPA

by Zach Yonash | Wednesday, May 18, 2022 | Security Microservices SPIFFE OPA Istio

The cybersecurity landscape has been rapidly evolving in recent years. Many companies have moved well past cloud adoption and are now fully utilizing a hybrid of cloud-native and on-premises technologies, prompting the need for a variety of new security measures to ensure critical workloads aren't compromised. One of the core tenets of zero trust is workload identity. Under the zero trust mindset, verifiable identification between each of your microservices needs to be mutual (see: Mutual TLS).

The Grype Admission Controller

by Josh Knarr | Wednesday, Mar 16, 2022 | Admission Controllers Kubernetes Security

Today I want to write about the grype admission controller. I wrote it. I am proud of it. I think it solves a really uncomfortable problem in DevSecOps. Security has a big problem: On one hand, security teams are responsible for making everything secure. That's their job. But on the other hand, they need to somehow do that job while not being directly involved in the production of the code.

The Security Benefits of Podman-in-Docker vs Docker-in-Docker in Gitlab (And How To Set That Up)

by Carly Rodriguez | Monday, Feb 7, 2022 | Education Docker Security

Containers have given the tech industry a convenient way to bundle up dependencies and code into a portable image that can run seamlessly across different computing environments. This convenience, however, can sometimes come at a cost. In order to leverage docker building capabilities within a Gitlab environment, the docker-executor must be given host privileges to run a docker-in-docker service that will allow connection to the docker daemon on the host machine.

Admission Controller for Secure Supply Chain Verification - Kyverno

by Parth Patel | Monday, Dec 6, 2021 | Secure Supply Chain Open-Source Security

Admission Controllers are an important piece of ensuring that production clusters only deploy signed and trusted applications. Running these tools within your cluster allows for automated detection and enforcement of your organization's policies. They can be especially useful when dealing with supply chain security! Open Policy Agent Gatekeeper has become one of the standards used for a variety of validating and mutating webhooks. But another tool, Kyverno, has been growing in popularity (and functionality) to meet the challenges of supply chain security.

Secure Supply Chain - Tekton Chains

by Parth Patel | Monday, Nov 8, 2021 | Secure Supply Chain Open-Source Security

Tekton has been growing in popularity as a go-to CI/CD cloud native pipeline tool. Tekton installs and runs as an extension on a Kubernetes cluster and comprises a set of Kubernetes Custom Resources that define the building blocks you can create and reuse for your pipelines. It provides the ability to create custom pipelines with various tasks, from building images, to storing and scanning the images, to deploying them to a Kubernetes cluster.
