Introducing Our Newsletter: cloudDork's Axiom

...Kubernetes Security Insights. That is a mouthful—cloudDork's Axiom: Kubernetes Security Insights. Let's break it down.

When I started at Palo Alto Networks a few years ago, I was indirectly thrown into the world of kubernetes since the focus was the cloud, but how can you ignore kubernetes, the cloud OS? Formerly called "twistlock," as a former ops guy (a long time ago...stop looking at the greys in my beard!), I gravitated to the features that the Compute Edition of Prisma Cloud provided, especially when protecting kubernetes. The evolution repeated, and I started seeing parallels to the hypervisor movement. And then I saw the documentary from the folks over at HoneyPot about kubernetes:

It is a three-part series explaining the origins of kubernetes. Shout out to Kelsey Hightower. He eloquently speaks on the movement and has inspired folks like me. We will get sappy in other articles. I am not crying. So where do we begin?

@cloudDork. That is me. My name is Henry Hernández. I never had a nickname in my life. Not even my mother calls me anything different. She throws her Puerto Rican accent on top, which sounds more like 'Henrrry.' Back to 'cloudDork': when contemplating a name for a future YouTube channel (still coming!), I was still at Palo Alto Networks and uber-focused on Prisma Cloud, a Cloud Native Application Protection Platform. My world was cloudy...pun intended. We led with it because customers led with it and continue to choose cloud-first approaches to their modernization of applications. So you had 'cloud,' and at that time, I dove in. I kept reminding myself to be a 'dork' about it. cloud+Dork...plus the two, together with the lowercase 'd' and the uppercase 'D,' would look cool as a logo one day and on a hat. And ya' know I love hats!

"Wait, wait papi...you said cloud, but now what is this thing called kubernetes...Que pasa?"

Since then, I joined this hot little startup, ARMO, that released Kubescape about a year ago. Kubescape is an open-source Kubernetes security platform. It includes risk analysis, security compliance, and misconfiguration scanning. Targeted at the DevSecOps practitioner or platform engineer, it offers an easy-to-use CLI interface, flexible output formats, and automated scanning capabilities. It saves Kubernetes users and admins precious time, effort, and resources.

And do not worry. There will not be a quiz...not on technology or Spanish.

Ok, so we have cloudDork. We understand that we are going to focus on kubernetes. Would you like me to explain what kubernetes is? We only have space for one line:

Kubernetes, also known as K8s, is an open-source system for automating deployment, scaling, and management of containerized applications.

We will go deeper over time, but here is a high-level outline I am considering covering here over time...slowly...but surely.

  1. Best Practices: Share best practices for securing Kubernetes clusters, including tips for securing container images, network policies, and RBAC.
  2. Vulnerabilities: Keep your readers informed about the latest Kubernetes vulnerabilities and how they can be mitigated.
  3. Compliance: Discuss compliance requirements for Kubernetes clusters, such as HIPAA, PCI DSS, and GDPR.
  4. Tools and Technologies: Highlight new and emerging tools and technologies that can be used to improve Kubernetes security, such as Kubernetes auditing tools, network security plugins, and container scanning tools.
  5. Case Studies: Share real-world examples of Kubernetes security issues and how they were resolved.
  6. Events and Conferences: Promote upcoming Kubernetes security events and conferences, both online and offline.
  7. Industry News: Share news articles and blogs related to Kubernetes security, including updates from the Kubernetes Security Audit Working Group and other industry experts.
  8. Training and Certification: Highlight training and certification programs to help readers improve their Kubernetes security skills.
  9. Q&A: Answer common questions related to Kubernetes security, such as how to secure Kubernetes clusters running on public clouds or how to implement multi-tenancy in Kubernetes.
  10. Community Engagement: Encourage readers to engage with the Kubernetes security community by joining mailing lists, forums, and Slack channels.

This is a good list of guardrails. I also plan to get some guest writers here, so it is not me and my ramblings. My initial goal is once a week. Disclaimer, I am not a writer. I am a techie who loves technology and is hyper-focused on kubernetes...the cloud OS.

I encourage you, the readers, to provide feedback and suggestions for future topics. What I love about LinkedIn is the sense of community compared to other socials. Your feedback will help me and others improve this newsletter and make it more relevant to your needs.

One more call to action. Share. You might be here to learn something new. You might be here to sharpen your knowledge or see the pulse. Regardless of the reason, share. Share a post. Invite others to the newsletter. Tag me. Comment. Let's get the collaboration going in this space. What I love about #kubescape is the sense of community and the goal of building an end-to-end open-source k8s security platform. But the community needs your help, our help, your neighbor's help, or your mate's help to overcome the hurdles around security for our new favorite orchestrator.

See you next week for the first installment. As the YouTubers say, 'Make sure you click here to like and subscribe...' I have to look at other newsletters to figure out my outro.

Later. H.


Dig Deeper:

> kubescape

> kubernetes

> @cloudDork

George Warren III

Databricks, Solutions Architect | Major, Civil Affairs at United States Army Reserve

1 year ago

HH, Awesome work here buddy! Love the name but think you were too fashionable to be a dork. Geek, maybe? LOL
