Kubernetes Runtime Enforcement with KubeArmor

In the last post, we rolled up our sleeves and built a minimal AppArmor profile from scratch — one script, one path, one rule at a time. We also applied it inside Kubernetes to block a pod from writing to /tmp. It worked well — but it’s not exactly s...