Cloud Security

Kubescape accepted into Cloud Native Computing Foundation

The Cloud Native Computing Foundation has officially accepted Kubescape as a sandbox project, according to The New Stack. Kubescape is an open-source Kubernetes security platform that covers the full lifecycle of an application's development, including IDE, security, misconfiguration scanning, and compliance. It launches scans from the very beginning and proceeds into the deployment and cluster-management stages, while also providing useful tools for DevOps teams such as software-bill-of-materials, signature scanning, and policy controls. Teams can use the platform to detect and address flaws and misconfigurations based on frameworks including MITRE ATT&CK, NSA-CISA, and the CIS Benchmark. Kubescape evaluates objects against a library of posture controls using Open Policy Agent and allows users to export results in various ways. In addition, developer ARMO provides an extra layer of protection for Kubescape in the form of the ARMO Platform, which it describes as a "ready-made" security platform for Kubernetes for SaaS or on-premises deployments.

Related

LockBit-leaked DC city agency data from third party

Washington, D.C.'s Department of Insurance, Securities and Banking has disclosed that 800GB of data claimed to have been stolen by the LockBit ransomware operation was obtained from an attack against third-party software provider Tyler Technologies following the ransomware gang's threats to expose 1GB of the exfiltrated data to coerce the agency into providing the demanded ransom, reports The Record, a news site by cybersecurity firm Recorded Future.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.