Posted on

Monitor Kubernetes Events With Falco For Free

Kubernetes is now the platform of choice for many companies to manage their applications both on-premises and in the cloud. Its emergence a few years ago drastically changed the way we work. The flexibility of this platform has allowed us to increase the productivity of the engineering teams, thus requiring new working methods more adapted to this dynamic environment.

Kubernetes requested an adaptation of the security control processes to ensure the continuity of the reliability of this system. Falco is a tool that fits into this ecosystem.

Posted on

Building with Open Policy Agent (OPA) for Better Policy as Code

When we hear the term Policy as Code, it’s for the most part associated with the enforcement aspects of applying policy at scale within organizations.  Whether in the context of GitOps or just popular open source projects like Open Policy Agent (OPA), applying global policy is the end goal.

However, OPA as an open source project is quite unique in its capabilities. There is a whole pre-enforcement set of tools that provide incredible insights into our systems that have long been overlooked.  A new wave of infrastructure drift has arisen in the cloud world due to the layers of abstraction and automation. When building Firefly, we channeled the power of OPA as a policy discovery engine, not just an enforcement mechanism.

Posted on

What Is Open Policy Agent and How It Works

Open Policy Agent is an open-source engine that provides a way of declaratively writing policies as code and then using those policies as part of a decision-making process. It uses a policy language called Rego, allowing you to write policies for different services using the same language.

OPA can be used for a number of purposes, including:

Posted on

The Coding SysAdmin

In announcing the now-complete $1.2 billion megamerger between McAfee and FireEye last week, CEO Bryan Palma slipped in the comment that the way forward with security and modern system management is automation, saying,

"There's just no way that people can keep up, and we're seeing that. We've got nation-states now involved in making attacks, and that's very concerning because they obviously have very strong capabilities."