Tools Resources

CloudNativeSecurityCon Brought Focus and Learning to Security Issues in Cloud Native Environments

author_profile
Kim McMahon
Wednesday, Feb 8th, 2023

The inaugural CloudNativeSecurityCon (CNSC), hosted by the Cloud Native Computing Foundation (CNCF), in Seattle, WA on February 1st and 2nd this year brought a growing realization among attendees that security in the cloud-native ecosystem is deeply complex. Separating this event from the larger KubeCon event was a much-needed move to allow learning and presentations to go deeper into this topic and the pervasive security risks in cloud, container, serverless, and Kubernetes environments. 

CloudNativeSecurityCon
Sarabjeet Chugh's Keynote at CloudNativeCon (CNSC)

Sarabjeet Chugh, the PLG leader at Cisco ET&I, kicked off day 2 of the event with a keynote on Cisco’s - OpenClarity suite of open-source projects: FunctionClarity, APIClarity, KubeClarity. Sharing that Cisco has been quietly innovating in open source for the last several years brought a new-found awareness to the crowd. 

"Cisco is the open source community's best kept secret!"

At the booth, visitors learned more about Cisco’s open-source projects. Practitioners sought and received onboarding help using the OpenClarity suite of projects with hands-on Helm Charts, Terraform, and CloudFormation. The conversations focused on cloud native security and practical experiences, providing an opportunity to see the projects in action as well as securing their Kubernetes, APIs, and serverless functions. 

Cisco will be at KubeCon +CloudNativeCon Europe on April 18-21, 2023 with these and other open-source projects. Mark your calendar and visit us! 


What is Open Clarity?

OpenClarity is a suite of open-source tools for cloud native security and observability. 

  • APIClarity, an open source cloud native visibility tool for APIs, utilizes a service-mesh framework to capture and analyze API traffic, and identify potential risks. 
  • FunctionClarity provides a framework to sign and validate cloud function core artifacts (images or code) with various signing techniques including keyless (utilizing the cosign/sigstore project). 
  • KubeClarity is a tool for detection and management of software bills of materials (SBOMs) and vulnerabilities in container images and filesystems. 

Learn more about the projects on GitHub and go ahead and star them to keep up with the latest updates! 


Did you know that Panoptica is built on the OpenClarity open-source projects? To learn more: 

Popup Image