Security Featured Ingress-nginx CVE-2025-1974 - Report and Mitigation Procedures A critical security vulnerability (CVE-2025-1974) has been identified in the ingress-nginx controller, an essential component for network traffic management in Kubernetes. Here you will find the remediation plan for SIGHUP Kubernetes Distribution Open Source and Enterprise installations.
Cloudnative Anatomy of a CVE This article is an in-depth exploration of an impactful container-breakout vulnerability affecting runc-based container runtimes.
Security Codebreaking Clouds: Hacking Cloud Native Environments through VAPT Mastery. Discover all you need to know about Cloud-Native Vulnerability Assessment and Penetration Testing (VAPT) with practical examples.
Security Supply Chain Security Framework: S2C2F In this article, we will introduce you to S2C2F. The Secure Supply Chain Consumption Framework is a combination of requirements and tools for any organization to adopt made by the Open Source Security Foundation.
announcements SIGHUP and Chainguard Partner to deliver Cutting-Edge Software Supply Chain Security in the European market We are excited to share that SIGHUP and Chainguard have teamed up to design the forefront of infrastructure and software supply chain security.
CNCF SIGHUP’s tales from KubeCon + CloudNativeCon EU 2023 Read the SIGHUP's tale from KubeCon EU 2023. We share our experience at the conference, retracing announcements, talk takeaways, trending topics highlights and upcoming events.
announcements Kubernetes Fury Distribution secured by YOROI: the new frontier in Cluster Defence SIGHUP and YOROI partnered together to provide organizations with a Leading-edge Kubernetes distribution that will speed up and fully secure production-grade Cloud Native environments.
announcements Announcing SIGHUP Secure Containers SIGHUP is happy to introduce its latest service that further enhances the reliability and production-readiness of containerised workloads: Secure Containers.
Kubernetes Announcing Kubernetes Fury Auth The new KFD Core Module for Authentication and Authorization Management
Cloudnative Run your business in a NIST compliant Kubernetes environment! SIGHUP partners with Cysec to provide a secure Kubernetes-based automation platform for CI/CD and hybrid environments compliant with NIST SP 800-190
DevSecOps Snyk and Shift-Left approach: Boosting your security compliance with ease. This article will provide a brief overview, some example use cases on Snyk's tools and features, and how we used it to improve Kubernetes Fury Distribution's security.
Conjur CyberArk Security Bulletin CA23-01, is your Conjur environment affected? What happened? Yesterday CyberArk published the security bulletin CA23-01 related to a critical vulnerability of the Rake ruby package, described in the CVE-2022-30123 . The vulnerability could be used remotely and allow a shell escape within the Conjur leader container. This issue only affects Conjur Enterprise. Containers of Conjur products other
announcements Featured SIGHUP Announces New Partnership with Snyk SIGHUP announces its Partnership with Snyk. Joining the forces together, these two companies aim to speed up developer security and DevSecOps best practice adoption.
Awesome CKS – Tips and tricks Preparing for a certification exam is always challenging. You have to retrieve the material to study, the exercises, and above all, to have a suitable environment to practice.
Engineering Announcing Gatekeeper Policy Manager v0.5.0 We are excited to announce a new release of Gatekeeper Policy Manager (GPM), our open-source web UI to easily manage OPA Gatekeeper and your policies inside Kubernetes Clusters.
Engineering Gatekeeper Policy Manager turns 1 year old! Let's recap together all the improvements done in the first year of Gatekeeper Policy Manager
