Candlelites

Everything from Everywhere

grafeas debuts to improve kubernetes container software security

grafeas debuts to improve kubernetes container software security News Article With The full text news. The Resource Link is down the post and you can View this News Article in the source page.



grafeas debuts to improve kubernetes container software security

understanding where software comes from and how it was built is a cornerstone of good security hygiene. in an effort to further improve security for the open-source kubernetes container orchestration platform, multiple vendors have come together to launch the grafeas project.grafeas which means "scribe" in greek, is an open-source project that is intended to provide audit and governance capabilities for the microservices container software supply chain. the effort is being backed by google and has the support of jfrog, red hat, ibm, black duck, twistlock, aqua security and coreos."the api spec for grafeas was initially developed internally at google, and we iterated on the design through many conversations with our launch collaborators and early testers," stephen elliot, product manager of google cloud, told eweek. "we incorporated the feedback from those conversations, and grafeas represents an open-source version of our internal implementation."in addition to grafeas, google is introducing a kubernetes policy engine called kritis (greek for "judge"). kritis is able to use metadata information collected by grafeas to inform policy decisions on what should or should not run in a kubernetes cluster.related reading"kritis is inspired by internal developments to secure google's cloud applications and discussions with early testers outside google," elliot said. "one other outcome of google's internal efforts is the kubernetes imagepolicywebhook plugin, which allows ...