Automatically Visualize Kubernetes Ingress Traffic in the Upwind Topology Map

We are excited to announce a new capability in the Upwind platform, providing organizations with deep visibility into Kubernetes’ ingress traffic to identify exposures and risks. Traditional security systems often fall short in providing comprehensive visibility into how Kubernetes ingress services distribute incoming internet traffic within a cluster, leaving potential blind spots that malicious actors […]
Proactively Secure Kubernetes Workloads with Upwind’s Runtime-Powered KSPM

With the rise of containerized environments and Kubernetes adoption, Kubernetes security posture management (KSPM) has risen to the forefront of cloud security posture initiates. KSPM generally requires the use of security tools or processes to help ensure the security of Kubernetes clusters, with most focusing on policies and configurations. However, this focus on static configuration […]
Easily Query Kubernetes Objects with Upwind’s Runtime Topology Map

We’re excited to introduce a powerful new container security capability that makes it easier than ever to view and query Kubernetes objects while exploring the entire exposure path with Upwind’s runtime topology map. Upwind has always provided deep visibility into containerized resources, showing traffic by port, process, and protocol, as well as details into an […]
Kubernetes Dashboard: Features, Security Concerns, and Best Practices

The Kubernetes Dashboard is a popular web-based interface designed to simplify the management of Kubernetes clusters. It provides an intuitive UI that allows users to view and manage cluster resources without needing to work directly with command-line tools. However, while convenient, the Kubernetes Dashboard also presents specific security risks that should be carefully managed, especially […]
Critical Kubernetes gitRepo Volume Vulnerability: CVE-2024-10220

A critical security vulnerability identified as CVE-2024-10220 has been discovered in Kubernetes’ deprecated gitRepo volume type. This vulnerability allows attackers with permissions to create pods using gitRepo volumes to execute arbitrary commands on the host node with root privileges, potentially leading to full system compromise. The gitRepo volume type was designed to clone Git repositories […]
Get Comprehensive Protection for Container-Optimized OS with Upwind

We are excited to announce an addition to Upwind’s comprehensive container security, with support for Container-Optimized OS. What is Container-Optimized OS? Container-Optimized OS is a Google Cloud operating system image, and is the default node OS Image in Google Kubernetes Engine (GKE). It is primarily used for compute engine VMs and is optimized for running […]
Understanding Kubernetes Identities Part 2: Escalation Paths

In Kubernetes, understanding identity escalation paths is crucial for managing security risks effectively. This blog post delves into defining highly privileged identities and exploring potential privilege escalation paths using highly privileged permissions. Definition of a Highly Privileged Identity in Kubernetes In Kubernetes, a highly privileged identity refers to entities such as users or service accounts […]
Proactively Secure Your Kubernetes With Upwind’s Vulnerability Management

Upwind’s runtime vulnerability management leverages real-time, runtime insights and correlates them with CI/CD and DevOps context, giving you end-to-end visibility and protection for Kubernetes and associated workloads. Upwind’s vulnerability management intelligently prioritizes your most critical vulnerabilities based on real environmental factors, cutting out around 95% of alert noise to focus on the risks that pose […]
Understanding Kubernetes Identities, Part 1

When it comes to Kubernetes, managing identities is pivotal for ensuring secure and efficient cluster operations. These identities can be human users or machines, each requiring specific permissions to perform their tasks. In our latest research, we have explored what Kubernetes identities are, the default identities, the permissions they can have, how to configure these […]
Detect Exposed Kubernetes Dashboards

We are excited to announce a new threat detection, with the ability to identify an exposed Kubernetes Dashboard. This threat detection will inform you when the Kubernetes dashboard for your cluster is exposed to the internet by a Load Balancer. Exposing your dashboard to the internet makes the management interface of your cluster vulnerable to […]