Check Point® Software Technologies Ltd. announced that its Check Point CloudGuard solution has been recognized as a Leader across three key GigaOm Radar reports: Application & API Security, Cloud Network Security, and Cloud Workload Security.
Loft Labs vcluster Updated
March 24, 2022
Loft Labs announced that its open-source technology vcluster adds an isolated mode for virtual clusters which reduces the work required by administrators to isolate tenants in multi-tenant Kubernetes clusters.
Virtual clusters spun up with vcluster are logically isolated by means of having separate Kubernetes control planes but the workloads running inside these virtual clusters (pods and their containers) are not isolated by default.
Previously, any Kubernetes security mechanisms for vcluster workloads had to be created manually by the cluster administrators. Now, with vcluster’s isolated mode, a variety of Kubernetes security controls will be enabled and auto-configured without the need for manual configuration, including:
- Pod security standards (admission control policies)
- Resource quotas and limit ranges
- Network policies
Isolated mode enforces baseline workload isolation policies but administrators can harden these further and have full control over customizing everything to their security requirements.
“Before, admins had to add security constraints for virtual clusters themselves which added complexity and required ongoing maintenance. Now, with isolated mode, we as project maintainers provide a default set of security measures that we recommend as best practice for isolating virtual clusters,” said Lukas Gentele, Co-founder and CEO, Loft Labs. “Of course, admins can tweak isolation constraints to their use cases and to their organization’s security policies but we make it easier for them to kick the tires with vcluster while enforcing stricter security boundaries by default and right from the start.”
The vcluster open source software is growing quickly with more than 500,000 downloads and over 1,300 stars on GitHub in less than a year after its initial release. First launched in April 2021, vcluster is used to create lightweight Kubernetes clusters that run inside the namespaces of underlying Kubernetes clusters. Using virtual clusters solves the majority of multi-tenancy issues of Kubernetes because they offer:
- Better isolation than simple namespace-based multi-tenancy;
- Reduced cloud computing cost because virtual clusters are much more lightweight and resource-efficient than spinning up separate single-tenant clusters;
- Logical separation and encapsulation of application workloads from the underlying cluster’s shared infrastructure workloads (such as shared ingress controller or network plug-ins).
At the same time, virtual cluster users can expect that their virtual cluster behaves just like any regular Kubernetes cluster because vcluster is a certified Kubernetes distribution, which means that it passes all conformance tests that CNCF requires. Virtual clusters are often used as development environments when engineers are building, testing and debugging cloud-native software, but they are also frequently used as ephemeral environments for executing continuous integration/continuous delivery (CI/CD) pipelines.
Industry News
February 18, 2025
February 13, 2025
LaunchDarkly announced the private preview of Warehouse Native Experimentation, its Snowflake Native App, to offer Data Warehouse Native Experimentation.
February 13, 2025
SingleStore announced the launch of SingleStore Flow, a no-code solution designed to greatly simplify data migration and Change Data Capture (CDC).
February 13, 2025
ActiveState launched its Vulnerability Management as a Service (VMaas) offering to help organizations manage open source and accelerate secure software delivery.
February 12, 2025
Genkit for Node.js is now at version 1.0 and ready for production use.
February 12, 2025
JFrog signed a strategic collaboration agreement (SCA) with Amazon Web Services (AWS).
February 12, 2025
mabl launched of two new innovations, mabl Tools for Playwright and mabl GenAI Test Creation, expanding testing capabilities beyond the bounds of traditional QA teams.
February 11, 2025
Check Point® Software Technologies Ltd. announced a strategic partnership with leading cloud security provider Wiz to address the growing challenges enterprises face securing hybrid cloud environments.
February 11, 2025
Jitterbit announced its latest AI-infused capabilities within the Harmony platform, advancing AI from low-code development to natural language processing (NLP).
February 11, 2025
Rancher Government Solutions (RGS) and Sequoia Holdings announced a strategic partnership to enhance software supply chain security, classified workload deployments, and Kubernetes management for the Department of Defense (DOD), Intelligence Community (IC), and federal civilian agencies.
February 10, 2025
Harness and Traceable have entered into a definitive merger agreement, creating an advanced AI-native DevSecOps platform.
February 10, 2025
Endor Labs announced a partnership with GitHub that makes it easier than ever for application security teams and developers to accurately identify and remediate the most serious security vulnerabilities—all without leaving GitHub.
February 06, 2025
GitHub announced a wave of new features and enhancements to GitHub Copilot to streamline coding tasks based on an organization’s specific ways of working.
February 06, 2025
Mirantis launched k0rdent, an open-source Distributed Container Management Environment (DCME) that provides a single control point for cloud native applications – on-premises, on public clouds, at the edge – on any infrastructure, anywhere.
February 06, 2025
Hitachi Vantara announced a new co-engineered solution with Cisco designed for Red Hat OpenShift, a hybrid cloud application platform powered by Kubernetes.
