StackRox Blog

Sep 2, 2019

The Kubernetes Security Audit: 3 Key Takeaways

We read through all 241 pages of recent Kubernetes security audit results to identify the key takeaways — there’s a lot of good content, but here’s the tl;dr:

Aug 5, 2019

How to Remediate Kubernetes Security Vulnerability: CVE-2019-11247

CVE-2019-11247 discloses a serious vulnerability in the K8s API that could allow users to read, modify or delete cluster-wide custom resources, even if they only have RBAC permissions for namespaced resources.

Jun 21, 2019

What's new in Kubernetes 1.15? Stability, extensibility, and continuous improvement

The first thing that jumps out about Kubernetes 1.15 is that it introduces relatively few new features, a sign that the project has reached a certain level of stability and maturity

Mar 29, 2019

New Kubernetes Security Vulnerabilities Disclosed: CVE-2019-1002101 and CVE-2019-9946

New Kubernetes security vulnerabilities discovered: CVE-2019-1002101, a high severity issue, and CVE-2019-9946, a medium severity issue. Read on for a description of the vulnerabilities.

Mar 28, 2019

Kubernetes 1.14 is Out — What Are the New Features?

Here's what's new in the Kubernetes 1.14 release, including major features and security improvements to small things that simplify the life of operators

Mar 2, 2019

Kubernetes API DoS Vulnerability — Top Recommendations

CVE-2019-1002100 is a denial of service (DoS) vulnerability that exists in the Kubernetes API server. Follow these recommendations to protect yourself

Feb 21, 2019

The runC Vulnerability — A Deep Dive on Protecting Yourself

The runC vulnerability provides a potent path for attack, but you have several means of protecting your container environments.