Kubesploit
@kubesploit.io
News and links on Kubernetes security curated by the @Learnk8s.io team
More K8s news, events, jobs → https://kube.today
More K8s news, events, jobs → https://kube.today
This open-source platform lets you run a self-hosted zero-trust secure access solution supporting VPN-like WireGuard/QUIC, ZTNA, API/AI gateways, homelab access and Kubernetes ingress on your own infrastructure
➤ https://ku.bz/JWMdMH_J8
➤ https://ku.bz/JWMdMH_J8
December 18, 2025 at 6:11 PM
This open-source platform lets you run a self-hosted zero-trust secure access solution supporting VPN-like WireGuard/QUIC, ZTNA, API/AI gateways, homelab access and Kubernetes ingress on your own infrastructure
➤ https://ku.bz/JWMdMH_J8
➤ https://ku.bz/JWMdMH_J8
This code tool helps you gather logs, metrics and code changes, then uses AI-powered root-cause analysis to surface what broke in production and suggest immediate fixes
➜ https://ku.bz/srJCYmX4J
➜ https://ku.bz/srJCYmX4J
December 18, 2025 at 6:06 PM
This code tool helps you gather logs, metrics and code changes, then uses AI-powered root-cause analysis to surface what broke in production and suggest immediate fixes
➜ https://ku.bz/srJCYmX4J
➜ https://ku.bz/srJCYmX4J
Reposted by Kubesploit
Sealed Secrets provides declarative Kubernetes Secret Management in a secure way
Since the Sealed Secrets are encrypted, they can be safely stored in a code repository
➤ https://ku.bz/M_ZTLCWtB
Since the Sealed Secrets are encrypted, they can be safely stored in a code repository
➤ https://ku.bz/M_ZTLCWtB
December 17, 2025 at 6:11 PM
Sealed Secrets provides declarative Kubernetes Secret Management in a secure way
Since the Sealed Secrets are encrypted, they can be safely stored in a code repository
➤ https://ku.bz/M_ZTLCWtB
Since the Sealed Secrets are encrypted, they can be safely stored in a code repository
➤ https://ku.bz/M_ZTLCWtB
This article introduces ChaosRoom, a playful tool that helps engineers learn chaos engineering by running mini-games simulating faults and observing how systems respond
➜ https://ku.bz/2GlrYmTbT
➜ https://ku.bz/2GlrYmTbT
December 17, 2025 at 6:06 PM
This article introduces ChaosRoom, a playful tool that helps engineers learn chaos engineering by running mini-games simulating faults and observing how systems respond
➜ https://ku.bz/2GlrYmTbT
➜ https://ku.bz/2GlrYmTbT
Reposted by Kubesploit
This week on the Learn Kubernetes Weekly:
🐍 Kubernetes’s Python Moment
☁️ Leaving Big Cloud with Kubernetes
📦 DRA in Kubernetes v1.34
🛠️ APIs with Kong Ingress
🚑 Fixing Upstream Connect Errors
⭐️ Depot
Read it now: https://kube.today/issues/162
🐍 Kubernetes’s Python Moment
☁️ Leaving Big Cloud with Kubernetes
📦 DRA in Kubernetes v1.34
🛠️ APIs with Kong Ingress
🚑 Fixing Upstream Connect Errors
⭐️ Depot
Read it now: https://kube.today/issues/162
December 17, 2025 at 11:31 AM
This week on the Learn Kubernetes Weekly:
🐍 Kubernetes’s Python Moment
☁️ Leaving Big Cloud with Kubernetes
📦 DRA in Kubernetes v1.34
🛠️ APIs with Kong Ingress
🚑 Fixing Upstream Connect Errors
⭐️ Depot
Read it now: https://kube.today/issues/162
🐍 Kubernetes’s Python Moment
☁️ Leaving Big Cloud with Kubernetes
📦 DRA in Kubernetes v1.34
🛠️ APIs with Kong Ingress
🚑 Fixing Upstream Connect Errors
⭐️ Depot
Read it now: https://kube.today/issues/162
This tool delivers real-time node/pod-level process, file and network visibility for Kubernetes and bare-metal environments, with rule-based alerts, dashboards and hybrid cloud support
➜ https://ku.bz/7lk94WvMv
➜ https://ku.bz/7lk94WvMv
December 16, 2025 at 6:06 PM
This tool delivers real-time node/pod-level process, file and network visibility for Kubernetes and bare-metal environments, with rule-based alerts, dashboards and hybrid cloud support
➜ https://ku.bz/7lk94WvMv
➜ https://ku.bz/7lk94WvMv
This article shows how to use the Kong OIDC plugin together with Keycloak to secure cluster services and HTTP routes at the API gateway level
➜ https://ku.bz/2Q103hfW1
➜ https://ku.bz/2Q103hfW1
December 15, 2025 at 6:06 PM
This article shows how to use the Kong OIDC plugin together with Keycloak to secure cluster services and HTTP routes at the API gateway level
➜ https://ku.bz/2Q103hfW1
➜ https://ku.bz/2Q103hfW1
December 14, 2025 at 6:06 PM
Kviklet provides a secure, self-hosted tool for engineering teams to request, review, and approve production database queries with a workflow inspired by code reviews
➤ https://ku.bz/blQ6ybFXN
➤ https://ku.bz/blQ6ybFXN
December 13, 2025 at 6:06 PM
Kviklet provides a secure, self-hosted tool for engineering teams to request, review, and approve production database queries with a workflow inspired by code reviews
➤ https://ku.bz/blQ6ybFXN
➤ https://ku.bz/blQ6ybFXN
This case study explains how BioCatch migrated their Vault environment from costly external storage to Raft, enabling high availability, easy disaster recovery, and lower operational costs in Kubernetes
➤ https://ku.bz/zPwwpmMyV
➤ https://ku.bz/zPwwpmMyV
December 12, 2025 at 6:11 PM
This case study explains how BioCatch migrated their Vault environment from costly external storage to Raft, enabling high availability, easy disaster recovery, and lower operational costs in Kubernetes
➤ https://ku.bz/zPwwpmMyV
➤ https://ku.bz/zPwwpmMyV
This open-source tool helps you manage authentication and access across servers, databases and Kubernetes clusters via API or CLI
➜ https://ku.bz/VYnDyMT1h
➜ https://ku.bz/VYnDyMT1h
December 12, 2025 at 6:06 PM
This open-source tool helps you manage authentication and access across servers, databases and Kubernetes clusters via API or CLI
➜ https://ku.bz/VYnDyMT1h
➜ https://ku.bz/VYnDyMT1h
This open-source tool lets you analyze connectivity, inspect applied NetworkPolicies, and generate policy YAMLs, all with an interactive fuzzy-finder UI and JSON/table outputs
➤ https://ku.bz/HJpY-dbmG
➤ https://ku.bz/HJpY-dbmG
December 12, 2025 at 6:11 AM
This open-source tool lets you analyze connectivity, inspect applied NetworkPolicies, and generate policy YAMLs, all with an interactive fuzzy-finder UI and JSON/table outputs
➤ https://ku.bz/HJpY-dbmG
➤ https://ku.bz/HJpY-dbmG
This article explains how to remove permission checks from microservices and build a centralized authorization layer with Kong OSS and OpenFGA
➜ https://ku.bz/50Pf5hFcV
➜ https://ku.bz/50Pf5hFcV
December 11, 2025 at 6:06 PM
This article explains how to remove permission checks from microservices and build a centralized authorization layer with Kong OSS and OpenFGA
➜ https://ku.bz/50Pf5hFcV
➜ https://ku.bz/50Pf5hFcV
Reposted by Kubesploit
This week on the Learn Kubernetes Weekly:
🔥 Informers Are Easy to Misuse
🎤 Three Optimization Lessons
🛑 Graceful Shutdown
🚪 Namespaces & Multi-tenancy
🎯 Centralizing Helm with HTTPProxy
⭐️ StormForge by CloudBolt
Read it now: https://kube.today/issues/161
🔥 Informers Are Easy to Misuse
🎤 Three Optimization Lessons
🛑 Graceful Shutdown
🚪 Namespaces & Multi-tenancy
🎯 Centralizing Helm with HTTPProxy
⭐️ StormForge by CloudBolt
Read it now: https://kube.today/issues/161
December 10, 2025 at 11:51 AM
This week on the Learn Kubernetes Weekly:
🔥 Informers Are Easy to Misuse
🎤 Three Optimization Lessons
🛑 Graceful Shutdown
🚪 Namespaces & Multi-tenancy
🎯 Centralizing Helm with HTTPProxy
⭐️ StormForge by CloudBolt
Read it now: https://kube.today/issues/161
🔥 Informers Are Easy to Misuse
🎤 Three Optimization Lessons
🛑 Graceful Shutdown
🚪 Namespaces & Multi-tenancy
🎯 Centralizing Helm with HTTPProxy
⭐️ StormForge by CloudBolt
Read it now: https://kube.today/issues/161
Tetragon enables powerful real-time, eBPF-based security observability and runtime enforcement
It is Kubernetes-aware and understands identities, allowing security event detection to be configured in relation to individual workloads
➜ https://ku.bz/WrhnVyd2p
It is Kubernetes-aware and understands identities, allowing security event detection to be configured in relation to individual workloads
➜ https://ku.bz/WrhnVyd2p
December 9, 2025 at 6:06 PM
Tetragon enables powerful real-time, eBPF-based security observability and runtime enforcement
It is Kubernetes-aware and understands identities, allowing security event detection to be configured in relation to individual workloads
➜ https://ku.bz/WrhnVyd2p
It is Kubernetes-aware and understands identities, allowing security event detection to be configured in relation to individual workloads
➜ https://ku.bz/WrhnVyd2p
This article explores why using Kubernetes namespaces alone is not a sufficient isolation or security boundary
It shows common pitfalls and many attack paths that let a tenant escape isolation even if you only gave them access to a single namespace
➜ https://ku.bz/PCmRjmB57
It shows common pitfalls and many attack paths that let a tenant escape isolation even if you only gave them access to a single namespace
➜ https://ku.bz/PCmRjmB57
December 8, 2025 at 6:06 PM
This article explores why using Kubernetes namespaces alone is not a sufficient isolation or security boundary
It shows common pitfalls and many attack paths that let a tenant escape isolation even if you only gave them access to a single namespace
➜ https://ku.bz/PCmRjmB57
It shows common pitfalls and many attack paths that let a tenant escape isolation even if you only gave them access to a single namespace
➜ https://ku.bz/PCmRjmB57
Reposted by Kubesploit
🚀 It's that time of the year! What did I achieve in 2025?
A thread 🧵
A thread 🧵
December 8, 2025 at 2:06 PM
🚀 It's that time of the year! What did I achieve in 2025?
A thread 🧵
A thread 🧵
Kube No Trouble (kubent) is a tool to check whether you're using any deprecated APIs in your cluster and therefore should upgrade your workloads first, before upgrading your Kubernetes cluster
➜ https://ku.bz/zMyZdL3w6
➜ https://ku.bz/zMyZdL3w6
December 5, 2025 at 6:06 PM
Kube No Trouble (kubent) is a tool to check whether you're using any deprecated APIs in your cluster and therefore should upgrade your workloads first, before upgrading your Kubernetes cluster
➜ https://ku.bz/zMyZdL3w6
➜ https://ku.bz/zMyZdL3w6
This tutorial walks you through enabling, running, and monitoring IPv6 networking on Kubernetes clusters using Cilium
➜ https://ku.bz/b6RFcGQjF
➜ https://ku.bz/b6RFcGQjF
December 4, 2025 at 6:06 PM
This tutorial walks you through enabling, running, and monitoring IPv6 networking on Kubernetes clusters using Cilium
➜ https://ku.bz/b6RFcGQjF
➜ https://ku.bz/b6RFcGQjF
This tool provides a Model Context Protocol (MCP) server for querying Kubernetes Audit Logs across cloud providers using AWS CloudWatch, GCP Logging, and Alibaba SLS
➜ https://ku.bz/Hm_CMFF66
➜ https://ku.bz/Hm_CMFF66
December 3, 2025 at 6:06 PM
This tool provides a Model Context Protocol (MCP) server for querying Kubernetes Audit Logs across cloud providers using AWS CloudWatch, GCP Logging, and Alibaba SLS
➜ https://ku.bz/Hm_CMFF66
➜ https://ku.bz/Hm_CMFF66
Reposted by Kubesploit
This week on the Learn Kubernetes Weekly:
🌐 Networking from Packets to Pods
⚙️ Istio Upgrades
🔍 Finding Kubernetes Exit Codes
🔒 Security fundamentals: networking
📊 Jaeger Tracing on Kubernetes
⭐️ vCluster Labs
Read it now: https://kube.today/issues/160
🌐 Networking from Packets to Pods
⚙️ Istio Upgrades
🔍 Finding Kubernetes Exit Codes
🔒 Security fundamentals: networking
📊 Jaeger Tracing on Kubernetes
⭐️ vCluster Labs
Read it now: https://kube.today/issues/160
December 3, 2025 at 11:56 AM
This week on the Learn Kubernetes Weekly:
🌐 Networking from Packets to Pods
⚙️ Istio Upgrades
🔍 Finding Kubernetes Exit Codes
🔒 Security fundamentals: networking
📊 Jaeger Tracing on Kubernetes
⭐️ vCluster Labs
Read it now: https://kube.today/issues/160
🌐 Networking from Packets to Pods
⚙️ Istio Upgrades
🔍 Finding Kubernetes Exit Codes
🔒 Security fundamentals: networking
📊 Jaeger Tracing on Kubernetes
⭐️ vCluster Labs
Read it now: https://kube.today/issues/160
Reposted by Kubesploit
🗣️ Ritesh Patel announces Nirmata's AI Platform Engineering Assistant launch
The AI assistant accelerates security, policy, and governance tasks with 10x faster completion
Watch: https://ku.bz/8nkrRSG_Z
Read: https://ku.bz/8_yYZZMG4
The AI assistant accelerates security, policy, and governance tasks with 10x faster completion
Watch: https://ku.bz/8nkrRSG_Z
Read: https://ku.bz/8_yYZZMG4
December 2, 2025 at 7:17 PM
🗣️ Ritesh Patel announces Nirmata's AI Platform Engineering Assistant launch
The AI assistant accelerates security, policy, and governance tasks with 10x faster completion
Watch: https://ku.bz/8nkrRSG_Z
Read: https://ku.bz/8_yYZZMG4
The AI assistant accelerates security, policy, and governance tasks with 10x faster completion
Watch: https://ku.bz/8nkrRSG_Z
Read: https://ku.bz/8_yYZZMG4
This article explains how to enforce security and compliance by validating Kubernetes resource configs using Open Policy Agent (OPA) and Rego policies, with deployment tips for Gatekeeper and sidecars
➜ https://ku.bz/nVYydLnDP
➜ https://ku.bz/nVYydLnDP
December 2, 2025 at 6:06 PM
This article explains how to enforce security and compliance by validating Kubernetes resource configs using Open Policy Agent (OPA) and Rego policies, with deployment tips for Gatekeeper and sidecars
➜ https://ku.bz/nVYydLnDP
➜ https://ku.bz/nVYydLnDP
Reposted by Kubesploit
🗣️ Fabián walks through an investigation that started with a simple request: allowing cluster tenants to use 3rd-party Kafka services. What seemed straightforward turned into a complex DNS resolution problem
https://ku.bz/NsBZ-FwcJ
🌟 LearnKube
🎙 🎙Bart
https://ku.bz/NsBZ-FwcJ
🌟 LearnKube
🎙 🎙Bart
December 2, 2025 at 1:32 PM
🗣️ Fabián walks through an investigation that started with a simple request: allowing cluster tenants to use 3rd-party Kafka services. What seemed straightforward turned into a complex DNS resolution problem
https://ku.bz/NsBZ-FwcJ
🌟 LearnKube
🎙 🎙Bart
https://ku.bz/NsBZ-FwcJ
🌟 LearnKube
🎙 🎙Bart