VSHN.timer

VSHN.timer #182: Security Through AI

15. May 2023

Welcome to another VSHN.timer! Every Monday, 5 links related to Kubernetes, OpenShift, CI / CD, and DevOps; all stuff coming out of our own chat system, making us think, laugh, or simply work better.

This week we’re going to talk about the next frontier of Kubernetes security: automation through AI and ML.

1. GitLab recently announced a new AI-driven security feature that uses a large language model to explain potential vulnerabilities to developers, with plans to expand this to automatically resolve these vulnerabilities using AI in the future.

https://techcrunch.com/2023/04/24/gitlabs-new-security-feature-uses-ai-to-explain-vulnerabilities-to-developers/

2. According to the 2023 Global DevSecOps Report by GitLab, organizations are incorporating security earlier in the development lifecycle, with more vulnerabilities discovered through artificial intelligence for security testing and code checks.

https://learn.gitlab.com/devsecops-survey-2023/2023-devsecops-report-security

3. There are many factors that can expose your Kubernetes cluster to attacks; configuration issues, exposed Kubernetes APIs, insecure containers, and more. Here’s a list of useful automated security scanners for your clusters.

https://towardsdev.com/12-scanners-to-find-security-vulnerabilities-and-misconfigurations-in-kubernetes-332a738d076d

4. Kuasar is an efficient container runtime that provides cloud-native, all-scenario container solutions by supporting multiple sandbox techniques. Written in Rust, it offers a standard sandbox abstraction based on the sandbox API.

https://kuasar.io/

5. Have you seen The Illustrated TLS 1.3 Connection? Every byte sent back and forth is explained and reproduced, in this demonstration where a client connects to a server, negotiates a TLS 1.3 session, sends “ping”, receives “pong”, and then terminates the session.

https://tls13.xargs.org/

Have you automated your security checks in your clusters? Are you using AI to manage your container deployments? Would you like to share tips and tricks with our readers? Get in touch with us, and see you next week for another edition of VSHN.timer.

PS: check out our previous VSHN.timer editions about security: #8, #17, #22, #27, #32, #44, #54, #62, #76, #84, #93, #106, #117, #128, #142, #145, #164, and #169.

PS2: do you prefer reading VSHN.timer in your favorite RSS reader? Subscribe to this feed.

PS3: would you like to receive VSHN.timer every Monday in your inbox? Sign up for our weekly VSHN.timer newsletter.

Adrian Kosmaczewski

Adrian Kosmaczewski is in charge of Developer Relations at VSHN. He is a software developer since 1996, a trainer, and a published author. Adrian holds a Master in Information Technology from the University of Liverpool.

Contact us

Our team of experts is available for you. In case of emergency also 24/7.

Contact us