Any tool that runs with elevated privileges on shared infrastructure needs to earn trust. Inspektor Gadget runs with root-level access on nodes to do its job, so an independent review of its security posture is a natural step as the project matures and adoption grows. OSTIF is a nonprofit dedicated to improving the security of open source software. Over the past ten years, OSTIF has managed security engagements that have uncovered more than 800 vulnerabilities across 120 open source projects.
Inspektor Gadget: Results from the first security audit… Over the past ten years, OSTIF has managed security engagements that have uncovered more than 800 vulnerabilities across 120 open source projects. How the audit was scoped OSTIF engaged Shielder add link , to perform the assessment. Two researchers worked on the audit in early 2026. …
… The chart is pulled directly from the Kyverno Helm repository. apiVersion: v2 name: kyverno-policies description: Helm Chart for Kyverno Policies type: application version: 1.0.0 dependencies: - name: kyverno-policies version: "3.7.1" repository: https://kyverno.github.io/kyverno/ kyverno-policies/… …
… Application layer Microservices deployed as containerised workloads, independently managed through Git: Independently deployable services with no shared deployment schedules Helm-based packaging for consistent environment promotion Git-driven deployment lifecycle with full audit trail End-to-end de… …
… Audit trails become trivial. …
… Understanding the Current State The agent was first tasked with auditing the existing cluster. …
… Combined with Cilium network segmentation, your security posture becomes something auditors verify from Git history and live cluster state — not from a spreadsheet last updated two quarters ago. …
… Security improvements Security is a core pillar of Kyverno, and 1.18 introduces important safeguards for policy execution. …
… Across organizations of all sizes, a surprisingly large share of reliability and security incidents don’t originate in application code. They originate in misconfigured infrastructure—missing resource limits, overly permissive security contexts, incorrect RBAC bindings. …
… Keeping forks in sync with upstream security patches becomes a part-time job, and a stale fork with unpatched vulnerabilities is itself a security problem. Missed improvements. Upstream actions regularly fix bugs and ship security features. …
… Boeing teams are utilizing Cloud Native Computing Foundation CNCF frameworks—specifically the CNCF Landscape and CNCF Maturity Levels —to ensure chosen technologies have the community backing and security audits required for long-term aerospace lifecycles. …
To show you the most relevant results, we’ve omitted some entries very similar to those already shown. Repeat the search with the omitted results included.