FQDN Filtering in AKS: Enhancing Security with Advanced Container Networking Services (ACNS)

In today’s cloud-native world, securing your Kubernetes clusters is more critical than ever. Traditional IP-based security measures often fall short in dynamic environments where IP addresses change frequently. This is where Fully Qualified Domain Name (FQDN) filtering comes into play, offering a more efficient and scalable way to manage network …

Implementing Deployment Safeguards in Azure Kubernetes Service (AKS): A Step-by-Step Guide

Azure Kubernetes Service (AKS) introduces Deployment Safeguards, a feature designed to enforce Kubernetes best practices through Azure Policy controls. This guide provides a step-by-step walkthrough on how to set up and leverage Deployment Safeguards for more secure and compliant Kubernetes deployments. Understanding Deployment Safeguards: Deployment Safeguards are designed to enforce …

Introducing Enhanced Security in Azure Kubernetes Service: Disabling SSH Access on Cluster Nodes

In the ever-evolving landscape of cloud computing and Kubernetes management, Microsoft’s Azure Kubernetes Service (AKS) continuously introduces features to bolster security and ease of management. A significant new feature now in preview is the ability to control SSH access to AKS cluster nodes, providing administrators with enhanced security capabilities. This …

We now have Agentless Discovery for Kubernetes in Defender for Containers

In the ever-evolving world of cloud native technologies, keeping your Kubernetes cluster, including Azure Kubernetes Service (Kubernetes), secure is paramount. On August 31, 2023, Microsoft added Agentless Discovery for Kubernetes to Defender for Containers. This exciting addition allows you to enhance your Kubernetes security without the hassle of installing extra …

Use Trivy and Azure DevOps to scan container images for Vulnerabilities

So, in this short article, I am going to walk you through how I am scanning for vulnerabilities in my container images during the CI pipeline using Azure DevOps. For this, I am using Trivy (https://github.com/aquasecurity/trivy) by AQUA (https://www.aquasec.com/). It’s a simple and comprehensive open-source vulnerability scanner for containers. Perfect …