VSHN.timer

VSHN.timer #182: Security Through AI

15. Mai 2023

Welcome to another VSHN.timer! Every Monday, 5 links related to Kubernetes, OpenShift, CI / CD, and DevOps; all stuff coming out of our own chat system, making us think, laugh, or simply work better.

This week we’re going to talk about the next frontier of Kubernetes security: automation through AI and ML.

1. GitLab recently announced a new AI-driven security feature that uses a large language model to explain potential vulnerabilities to developers, with plans to expand this to automatically resolve these vulnerabilities using AI in the future.

https://techcrunch.com/2023/04/24/gitlabs-new-security-feature-uses-ai-to-explain-vulnerabilities-to-developers/

2. According to the 2023 Global DevSecOps Report by GitLab, organizations are incorporating security earlier in the development lifecycle, with more vulnerabilities discovered through artificial intelligence for security testing and code checks.

https://learn.gitlab.com/devsecops-survey-2023/2023-devsecops-report-security

3. There are many factors that can expose your Kubernetes cluster to attacks; configuration issues, exposed Kubernetes APIs, insecure containers, and more. Here’s a list of useful automated security scanners for your clusters.

https://towardsdev.com/12-scanners-to-find-security-vulnerabilities-and-misconfigurations-in-kubernetes-332a738d076d

4. Kuasar is an efficient container runtime that provides cloud-native, all-scenario container solutions by supporting multiple sandbox techniques. Written in Rust, it offers a standard sandbox abstraction based on the sandbox API.

https://kuasar.io/

5. Have you seen The Illustrated TLS 1.3 Connection? Every byte sent back and forth is explained and reproduced, in this demonstration where a client connects to a server, negotiates a TLS 1.3 session, sends „ping“, receives „pong“, and then terminates the session.

https://tls13.xargs.org/

Have you automated your security checks in your clusters? Are you using AI to manage your container deployments? Would you like to share tips and tricks with our readers? Get in touch with us, and see you next week for another edition of VSHN.timer.

PS: check out our previous VSHN.timer editions about security: #8, #17, #22, #27, #32, #44, #54, #62, #76, #84, #93, #106, #117, #128, #142, #145, #164, and #169.

PS2: do you prefer reading VSHN.timer in your favorite RSS reader? Subscribe to this feed.

PS3: would you like to receive VSHN.timer every Monday in your inbox? Sign up for our weekly VSHN.timer newsletter.

Adrian Kosmaczewski

Adrian Kosmaczewski ist bei VSHN für den Bereich Developer Relations zuständig. Er ist seit 1996 Software-Entwickler, Trainer und veröffentlichter Autor. Adrian hat einen Master in Informationstechnologie von der Universität Liverpool.

Kontaktiere uns

Unser Expertenteam steht für dich bereit. Im Notfall auch 24/7.

Kontakt