Nov 26, 2025 · 12 min read · Kubernetes has slim pickings when it comes to open source “posture tools.” We’ve already looked at kube-bench, which is not terrible. So, still wandering the landscape in search of the Holy Grail, we’re now turning to Fairwinds Polaris. Polaris tries...
Nov 6, 2025 · 2 min read · ☸️A Kubernetes Admission Controller is a built-in security and policy enforcement mechanism in the Kubernetes API server. It acts like a checkpoint gate/Gatekeeper that controls what can be created, updated, or deleted inside your cluster. Whenever y...
Nov 5, 2025 · 15 min read · Kubernetes does a lot of things automatically — scheduling, networking, scaling. But trust isn’t one of them. If someone pushes an image to a registry with your project’s name on it, Kubernetes won’t ask questions. It’ll just pull and run. Of course,...
Aug 20, 2025 · 11 min read · You can get a lot done in Kubernetes just by blocking bad stuff at admission time. That’s where we left things in Part 2. We installed Kyverno, wrote policies, and saw workloads getting stopped before they cause trouble. We also saw things like mutat...
Aug 1, 2025 · 12 min read · Kubernetes doesn’t exactly have a shortage of admission control options, but let’s be real, the list isn’t long, and most of it feels like a trade-off. There’s Gatekeeper, which is powerful and tightly integrated with Open Policy Agent, but it speaks...
Jul 25, 2025 · 11 min read · You pop open your detection dashboard and see a pod spawning /bin/bash, reading /etc/shadow, maybe even curling a crypto miner for good measure. Runtime security caught it. Crisis averted? Except... why did that pod get scheduled in the first place? ...
Apr 27, 2025 · 9 min read · What is Istio? Istio is like a “traffic controller” for your app’s services when they talk to each other over the network. Instead of you writing code to manage security, balancing loads, and monitoring traffic between services, Istio handles it for ...
Mar 13, 2025 · 2 min read · Introduction Admission Controllers are a crucial component of Kubernetes' control plane that govern and enforce policies on API requests before they persist in the cluster. They act as intermediaries, evaluating incoming requests to create, update, d...