Announcing the Cloud Native Security Hub

One of the main benefits of standardized infrastructure is the ability to share application resources across entities. We are taking advantage of this with the Cloud Native Security Hub as we start to explore how to standardize cloud native security.

Securing cloud native environments is a new challenge for any team trying to bring these workloads to production. Implementing cloud native security with open source projects like Falco increases the confidence of DevOps teams that are taking a declarative approach. Support from an open community also helps users tackle the increased complexity of securing their infrastructure. This open technology empowers the community to iterate quickly and to stay reactive and agile in the face of threats and possible attack vectors.

To share within the community the growing number of Falco rules that cover different cloud native technologies and use cases, we thought about creating a purpose-specific repository: a Falco rules hub. But Falco is not the only security tool in the cloud native landscape. Falco focuses on runtime security and compliance, but there are others, like OPA, which was built for pre-deployment compliance validation, or docker-bench and kube-bench, which check the infrastructure for conformance with CIS benchmarks.

Enter the Cloud Native Security Hub. This project aims to be a platform or a hub for discovering and sharing rules and configurations for all these cloud native security tools. You can browse, search, and learn about the approaches other community members take to implement security. You can download these rules or configurations, customize them, and incorporate them easily into your security policy, so that together we make containers and Kubernetes more secure.

The first version that we are launching today introduces Falco rules support, but support for other tools will come soon. The Cloud Native Security Hub supports tagging these Falco rules, versioning them, and pulling them directly into your Falco deployment.

This is a community-driven project, and we hope you will work with us to grow the resources available by contributing Falco rules or helping us develop support for other tools.

All the source code is available under the Apache 2.0 license, under the falcosecurity GitHub organization, across three repos:

Read about how to get involved in Contributing to Cloud Native Security Hub and in https://falco.org/blog/cloud-native-security-hub/.

You can also join us to chat about it in the #cloud-native-security-hub channel in Slack.
