This week's articles
The Audit Log Wall of Shame
A list of vendors that don't prioritize high-quality, widely-available audit logs for security and operations teams.
Introducing KWOK: Kubernetes WithOut Kubelet
Have you ever wondered how to set up a cluster of thousands of nodes just in seconds, how to simulate real nodes with a low resource footprint, and how to test your Kubernetes controller at scale without spending much on infrastructure? If you answered "yes" to any of these questions, then you might be interested in KWOK, a toolkit that enables you to create a cluster of thousands of nodes in seconds.
Temporary policy exceptions in Kubernetes with Kyverno
Policy Exceptions are a way to provide even more control over which resources get excluded from the scope of a policy but, most importantly, they allow decoupling of the policy from those exclusions.
containerd completes fuzzing audit
The containerd project completed a comprehensive fuzzing audit which added 28 fuzzers covering a wide range of container runtime functionality. During this audit a vulnerability was uncovered in the OCI image importer.