All Community Posts


The cost of ignoring security champions: a cautionary tale for application security culture
Community Post The cost of ignoring security champions: a cautionary tale for application security culture
Community post by Rodrigo Maues Rocha, Tech Lead Consulting at Conviso Application Security Nowadays, where software development is more complex and dynamic than ever, ensuring application security is crucial. However, knowing where to begin can be challenging when...
May 31, 2023

Finding inspiration: Reflections on KubeCon + CloudNativeCon Europe trends and ideas for the next call for proposals
Community Post Finding inspiration: Reflections on KubeCon + CloudNativeCon Europe trends and ideas for the next call for proposals
Guest post by Amanda Katona, Director of Community Engagement, VMware If you watched KubeCon + CloudNativeCon Europe 2023 from the sidelines like me, then this post is for you!  Total read time: 5–10 minutes Watching KubeCon + CloudNativeCon...
May 19, 2023 | By Amanda Katona

Argo CD end user threat model: security considerations for hardening declarative GitOps CD on Kubernetes
Community Post Argo CD end user threat model: security considerations for hardening declarative GitOps CD on Kubernetes
Community post by Andres Vega from ControlPlane and Michael Crenshaw from Argo CD Argo CD provides deployment flexibility, which enables operators to configure it to varying situations. The new report by ControlPlane provides a comprehensive threat modeling analysis...
April 21, 2023 | By Andres Vega + Michael Crenshaw

New Kubernetes security audit complete and open sourced
Community Post New Kubernetes security audit complete and open sourced
By Chris Aniszczyk (@cra) and Rey Lejano In 2018, the Cloud Native Computing Foundation (CNCF) started performing and open sourcing third-party security audits with the goal of improving the overall security practices of our ecosystem. Since then, Argo,...
April 19, 2023

CNCF fuzzing open source projects for security and reliability
Community Post CNCF fuzzing open source projects for security and reliability
By Chris Aniszczyk, Adam Korczynski, David Korczynski Introduction In this blog post we will present an overview of the state of fuzzing CNCF projects. We published a blog post on this in June 2022 titled Improving Security by...
April 18, 2023

Introducing Cloud Native Explorers: Amsterdam! 
Community Post Introducing Cloud Native Explorers: Amsterdam! 
By the Cloud Native Explorers Building on the success of “Bob and Jeefy’s Guide to Detroit”, we are pleased to announce Cloud Native Explorers! Cloud Native Explorers is a new blog series where we bring together community members...
April 17, 2023

Tips and tricks for a successful KubeCon + CloudNativeCon Europe 2023!
Community Post Tips and tricks for a successful KubeCon + CloudNativeCon Europe 2023!
By the CNCF Marketing Committee + CNCF Staff KubeCon + CloudNativeCon Europe 2023 is just days away, and with more than 10,000 folks attending, this event is the Cloud Native community’s largest in Europe to date. Networking is...
April 11, 2023

Announcing a white paper on Platforms for Cloud Native Computing
Community Post Announcing a white paper on Platforms for Cloud Native Computing
Community post by Josh Gavant and Abby Bangser, CNCF’s Platforms WG CNCF’s Platforms working group (WG) is pleased to announce the first release of a whitepaper to provide guidance and clarity on the nature and benefits of platforms...
April 11, 2023 | By Josh Gavant + Abby Bangser

The longest-running Kubernetes Community Days is back!
Ambassador Post The longest-running Kubernetes Community Days is back!
Guest post by Alessandro Vozza, Andy Repton, Andrea Giardini, Ayodeji Ogundare, Marcel Kerker, Meg Stefouli, Pablo Musa, and William Rizzo This is a story about community, resilience, grit, and friendship. The Netherlands is a small country with about...
April 11, 2023

Securing cloud native environments: CNCF Cloud Native Security Whitepaper version 2 audio is now available
Community Post Securing cloud native environments: CNCF Cloud Native Security Whitepaper version 2 audio is now available
Community post by Ragashree M C, CNCF Security Technical Advisory Group CNCF Security Technical Advisory Group is excited to announce the release of the audio version of our flagship whitepaper, Cloud Native Security Whitepaper v2. As more and...
April 10, 2023