One of the main benefits to standardized infrastructure is the ability to share application resources across entities. We are taking advantage of this with the Cloud Native Security Hub as we start to explore how to standardize cloud native security.
Securing cloud native environments is a new challenge for any team trying to bring these workloads to production. Implementing cloud native security with open source projects like Falco increases the confidence of DevOps teams that are taking a declarative approach. Support from an open community furthermore allows users to tackle the increased complexity of securing their infrastructure. This open technology empowers the community to iterate quickly. The community remains reactive and agile to threats and possible attack vectors.
In order to share within the community a growing number of Falco rules that cover different cloud native technologies and use cases we thought about creating a purpose specific repository: a Falco rules hub. But Falco is not the only security tools in the cloud native landscape. Falco focuses on runtime security and compliance, but there are others like OPA that its been built for pre-deployment compliance validation, or docker-bench or kube-bench that check the infrastructure for conformance with CIS benchmarks.
Enter the Cloud Native Security Hub. This project aims to be a platform or a hub for discovering and sharing rules and configurations for all these cloud native security tools. You can browse, search, and learn about the approaches other community members take to implement security. You can download these rules or configurations, customize them and incorporate them easily into your security policy so together we make containers and Kubernetes more secure.
The first version that we are launching today introduces Falco rules support, but support for other tools will come soon. The Cloud Native Security Hub supports tagging these Falco rules, versioning them, and pulling them directly into your Falco deployment.
This is a community driven project and we hope you work with us growing the resources available, contributing Falco rules or helping us to develop support for other tools.
All the source code is available under Apache 2.0 license, under falcosecurity Github organization, across three repos:
- The hub content: https://github.com/falcosecurity/cloud-native-security-hub
- Frontend code: https://github.com/falcosecurity/cloud-native-security-hub-frontend
- Backend backend: https://github.com/falcosecurity/cloud-native-security-hub-backend
And you can also join us to chat about it in the #cloud-native-security-hub channel in Slack.