Cloud Native DevSecOps As Code 🔒
ControlPlane is a cloud native security consultancy with industry-leading expertise architecting, deploying, and maintaining high compliance Kubernetes systems.
We have deployed our solutions to highly regulated industries such as UK critical national infrastructure organisations, international financial institutions, big four accountants, insurance, healthcare, and media providers.
We conduct threat research, cloud native security training, and develop best practice DevSecOps implementations. We are now offering our patterns and practices as code on a supported subscription basis.
- Cloud native DevSecOps tooling and pipeline integration libraries, delivered as code and covered by tests
- Battle-hardened Terraform patterns and practices, codified and packaged for re-use
- Best-practice, accredited Kubernetes and Istio configurations, resources, and tests, focussed on accelerated developer and SRE security
- Detailed threat models and SoC-friendly attack trees for Kubernetes, Istio, cloud native CI/CD, GitOps and more
- Automated security and compliance testing libraries for: Kubernetes; Istio; container runtimes; public cloud installations; IAM and RBAC; GitOps, CI/CD, and GPG; networks and TLS; CIS benchmarks
- Whitepapers and crib sheets on emerging technologies, threats, and mitigations by industry experts (Istio, GitOps Patterns, Third-Party Code Risk, Artefact Provenance and Veracity, Reproducible Builds and Binary Transparency)
- Supported priority access to ControlPlane’s current and future open source projects, including:
- Kubesec.io - static analysis for Kubernetes resources
- netassert - Kubernetes-native network security testing
- GitOps Quickstart - patterns and practices for enterprise GitOps
- Kubernetes Admission Controllers - extensions and best practices
- A back catalogue of talks, slides, and training material