Blogs and News

ControlPlane is Heading to KubeCon EU '25 London
ControlPlane’s events and CTF at KubeCon EU in London

Ephemeral Environments for GitLab Merge Requests with Flux Operator
Flux Operator creates ephemeral environments for GitLab MRs. Each MR gets an automatic, dedicated preview instance for faster validation and iteration.

See it, Hack It, Sort It: How Open Source Software Protects Our AI Enablers
Key insights on protecting GPU resources in cloud infrastructure, covering threat modeling, attack vectors, and practical security measures using open source tools

What is Continuous Delivery & How Does It Work?
An exploration of what Continuous Delivery is, how it differs from related concepts, and how Flux can help.

Securing Kubernetes Clusters: Lessons and Best Practices from the Field
Key lessons from ControlPlane’s KubeCon EU 2023 talk, covering Kubernetes threat modeling, attack techniques, and essential security measures to protect clusters.

What is Flux CD
Flux is an open source tool used to keep Kubernetes clusters in sync with configuration artefacts, especially when that configuration needs to change regularly, like when you update your software or a dependent part of your system receives a patch. Flux has been built from the ground up to use native Kubernetes APIs and to integrate with the wider Kubernetes ecosystem tools like Prometheus. It supports multi-tenancy clusters and scales massively with support for syncing multiple Git Repositories or other sources of configuration artefacts.

Celebrating a Year of Commitment to CNCF Flux: Sustainability, Innovation, and Growth
ControlPlane supported CNCF Flux over the past year by enabling ongoing development, innovation, and community engagement.

Streamlining Application Delivery with Flux and the Generic Helm Chart Pattern
Based on the excellent technical article written by Flux Core Maintainer and fellow ControlPlaner Stefan Prodan.

What is GitOps
This is the first in a series of articles about Flux CD, and introduces the foundational knowledge of GitOps. GitOps is a term coined by Weaveworks in 2018. It has been referred to as the best thing since Infrastructure as Code, and has also been referred to as being versioned CI/CD on top of declarative infrastructure. Much like how DevOps broke down the silos between Developers and Operations/Infrastructure Teams, GitOps merges the concerns for application deployment with infrastructure deployment.

Unlocking Delivery Success: Overcoming Framework Limitations in Regulated Environments
ControlPlane pioneers delivery success by blending Agile adaptability with Waterfall structure to overcome regulatory challenges and drive efficiency.

Automated Cloud Native Incident Response with Kubernetes and Service Mesh
ControlPlane is a proud member of and long-term contributor to the Fintech Open Source Foundation (FINOS), and almost a third of our firm’s consultants contribute to initiatives like the AI Readiness SIG, Common Cloud Controls, and Compliant Financial Infrastructure.

Open Source in Finance Forum New York 2024 Recap
ControlPlane is a proud member of and long-term contributor to the Fintech Open Source Foundation (FINOS), and almost a third of our firm’s consultants contribute to initiatives like the AI Readiness SIG, Common Cloud Controls, and Compliant Financial Infrastructure.

The Path to Zero CVEs: Vanquishing Cyber Threats
Addressing Common Vulnerabilities and Exposures (CVEs) is no longer optional—aiming to eliminate them is a critical priority for securing modern systems.

Enterprise for Flux CD Now Available on AWS Marketplace
Our products and services are now available through our partnership with AWS

ControlPlane at KubeCon NA '24 Salt Lake City
ControlPlane’s events and CTF at KubeCon NA in Salt Lake City

The Landscape Podcast: Flux with Core Maintainer Stefan Prodan
Stefan Prodan, core maintainer of Flux, discusses its role in automating Kubernetes with GitOps, enhancing security, and scaling infrastructure management

Introducing the Flux Operator - GitOps on Autopilot Mode
Stefan Prodan, core maintainer of the CNCF Flux project, introduces the Flux Operator.

ControlPlane Outreach: Exposing At-Risk Students to Careers in Tech
ControlPlane partnered with Spark! to empower at-risk students through workshops that introduced them to tech careers, continuous learning, and future possibilities.

Future Open Source LLM Killchains! A Talk by Vicente Herrera
At the Security AI Summit 2024, Principal Consultant Vicente Herrera explores how advanced adversaries could exploit vulnerabilities in the open-source AI ecosystem, particularly in large language models (LLMs), by targeting MLOps infrastructure, with a focus on mitigation strategies to prevent such attacks.

FINOS AI Readiness Open Sourced
ControlPlane’s pivotal role in the FINOS AI Governance Framework highlights our commitment to advancing AI readiness in financial services.

Smarter Than Your Average SBOM! A Talk by Matt Jarvis & Andrew Martin
At Kubernetes Community Day UK 2023, Snyk Director Matt Jarvis and ControlPlane CEO Andrew Martin teamed up to delve deeply into the world of Software Bills of Materials (SBOMs)

FINOS AI Governance Framework
At the Secure AI Summit earlier this year, ControlPlane’s Torin van den Bulk delivered an eye-opening talk on the ‘Invisible infiltration of AI supply chains by adversarial actors’. This talk examines the importance of securing the data, models, and pipelines involved at each step of an AI supply chain.

ControlPlane at the Bleeding Edge: Ending the Pain of Periods
The ControlPlane Agile team is proudly taking steps toward breaking down awkwardness, stigma, and workplace barriers to menstrual health.

I'll Let Myself In: Kubernetes Privilege Escalation Tactics
ControlPlane’s talk at KubeCon Europe 2024 gave attendees an overview of cloud native penetration testing and privilege escalation tactics to make cloud native systems more secure

The Impact of the Polyfill Supply Chain Attack
How the Polyfill supply chain attack highlights the issues with trust in open source software and what approaches can be taken to mitigate the risk.

Mastering the Cloud Native Wave: Security Resilience in Modern Systems
ControlPlane’s talk at InfoSec Europe 2024 gave attendees an overview of observations and techniques to make cloud native systems more resilient

Abusing VSCode: From Malicious Extensions to Stolen Credentials (Part 2)
How malicious VSCode extensions can steal your credentials

Abusing VSCode: From Malicious Extensions to Stolen Credentials (Part 1)
Attack paths for remotely compromising Visual Studio Code

Open Source Dynamics in the Era of Licence Innovation
This blog post explores innovative business models for open source projects, focusing on enterprise support and subscription services, and discusses the balance between community contributions and sustainable growth.

How to create a Table Top Exercise for Cyber Incident Responders
OpenSSF and ControlPlane created, hosted and ran a tabletop exercise for Incident Responders in the format of a panellist discussion. Let’s have a look behind the scenes and uncover tips and tricks for how a security team can carry out a similar exercise.

Brewing the Kubernetes Storm Center: Open Source Threat Intelligence for the Cloud Native Ecosystem
James Callaghan, principal consultant at ControlPlane, and Constanze Roedig discuss open source cloud native threat intelligence at KubeCon + CloudNativeCon Europe 2024

Flux CD Architecture Overview
Stefan Prodan, core maintainer of the CNCF Flux project, provides a comprehensive overview of Flux CD architectures for multi-cluster continuous delivery

Isovalent and ControlPlane's Joint Whitepaper
Engineers, product managers and consultants from both companies explore how Cilium can tackle the challenges of cloud native compliance

The Lowdown on Locked Namespaces
Marco De Benedictis, senior consultant at ControlPlane, discusses how Kubernetes namespaces have grown from an optional feature to a security boundary at KubeCon + CloudNativeCon Europe 2024

Zero Trust Training Courses with the Linux Foundation
ControlPlane has authored two Zero Trust training courses for the Linux Foundation

ControlPlane at KubeCon EU Paris ‘24 - Recap
A recap of ControlPlane’s activities at KubeCon EU in Paris

The Envoy Gateway End User Threat Model, in collaboration with the Linux Foundation
ControlPlane has collaborated with the Linux Foundation to threat model Envoy Gateway and generate an End User guide

Flux CD: D1 Reference Architecture
ControlPlane’s commitment to supporting the Flux Project continues, providing a model and a guide for multi-cluster, multi-tenant environments

ControlPlane at KubeCon EU '24 Paris
ControlPlane’s talks and events schedule for KubeCon EU in Paris

Container Security Basics at Securi-Tay 2024
ControlPlane’s principal consultant, Iain Smart, talks about Container and Kubernetes Security at Abertay Hackers’ Securi-Tay 2024

NIST Special Publication 800-204D calls for GitOps approaches
Exploring how NIST’s latest publication underscores the necessity of integrating GitOps strategies in software supply chain security within DevSecOps CI/CD pipelines

Bringing light to risks lurking in the black boxes of AI models
ControlPlane’s principal consultant, Vicente Herrera, talks about AI Security at OpenUK’s “State of Open Con 2024”

ControlPlane backs the CNCF Flux Project by Employing Maintainers
ControlPlane’s support for the CNCF Flux project ensures the sustainability and security of critical systems through open source maintenance and innovative enterprise solutions

ControlPlane and Scott Logic Collaborate on Scottish Government Identity and Payments Systems
Collaborative efforts between ControlPlane and Scott Logic on the Scottish Government identity and payment systems: security architectures, platform integrations, and project assurance

Tangible Value with ControlPlane Enterprise for Flux CD
ControlPlane Enterprise elevates Flux CD with enhanced security, support, and compliance, catering to diverse needs in Kubernetes deployments

AI Software Development Lifecycle on Kubernetes
AI software’s evolution on Kubernetes: current methodologies, potential future developments, and inherent risks

ControlPlane at OpenSSF and Open Source Summit Japan, 2023
ControlPlane’s journey to Japan and an overview of some of the talks presented

Navigating Cloud Security and Automation with Eficode
Talking to Eficode about Cloud Native Security Challenges

Play the 2023 CNCF CTF Scenarios with the Revamped Simulator
The public release of the 2023 CNCF CTF Scenarios is here! In this blog post, we’ll walk you through the revamped simulator and how to get started with the challenges.

Cloud Native and Kubernetes Security Predictions 2024
A look into the tumultuous waters of cloud and Kubernetes security in 2024

Andrew Martin on "Nerding Out With Viktor" — Security, Penetration Testing, and Threat Modelling
The inaugural “Nerding Out With Viktor” podcast with ControlPlane CEO, Andrew Martin

Unveiling the Future of CI/CD Security: A Deep Dive into Advanced Practices
The “Advanced CI/CD Security” workshop we ran at DevOpsCon 2023 in Munich provided a deep dive into the latest practices shaping the future of cloud security

Conference Recap: ControlPlane at KubeCon NA '23 Chicago
Reflecting upon our experience at KubeCon North America 2023

ControlPlane at KubeCon NA '23 Chicago
Where to find ControlPlane talks and events at KubeCon North America 2023 in Chicago

Take Zero Trust to the Next Level with Confidential Virtual Machines
SPIFFE and confidential computing are two security projects that minimize the level of implicit trust a user needs to place into a computing system. We will show how to combine these approaches to minimize the trust we need to place in public cloud services

The National Cybersecurity Strategy Implementation Plan
The first annual iteration of the National Cybersecurity Strategy Implementation Plan has been released, detailing how the US government plans to achieve the goals previously outlined in 2021’s National Cybersecurity Strategy

Dark Matter Cloud Anonymous: Andrew Martin and Amanda Brock discuss open source and OpenUK’s report
The event took questions from an audience of industry veterans and discussed open source security, developer understanding of Kubernetes, FinOps for cloud, and more

Charting Zero Trust and High Assurance: ControlPlane’s Takeaways from the NIST Multi-Cloud and OSCAL Conferences
ControlPlane’s Experience at the 4th Annual OSCAL and Multi-Cloud Conferences Sponsored by NIST

Conference Recap: ControlPlane at KubeCon EU '23
ControlPlane talk & event write-ups from KubeCon EU in Amsterdam

Threat Modelling Zero Trust at KubeCon EU 2023 Amsterdam
ControlPlane show you how to threat model Zero Trust architectures at KubeCon Europe 2023 in Amsterdam

KubeCon EU '23: Open Source Releases
ControlPlane open sources security and threat model knowledge

Netassert v2: Network Security Testing
How to write, test, and secure your network configurations

Collie: A toolkit for securing cloud controller provisioned infrastructure
Demonstrating compliance and securing infrastructure provisioned by Kubernetes Cloud Infrastructure Controllers

ControlPlane at KubeCon EU 2023 Amsterdam
Where to find ControlPlane talks and events at KubeCon Europe 2023 in Amsterdam

Intro to the CloudNative SecurityCon CTF
Capture-the-Flag platform demo with The New Stack 🔐🏴‍☠️

The Most Excellent Learnings of CloudNative SecurityCon 2023
The Cloud Native security community is vibrant and strong 🌩🎉

The Inaugural CloudNative SecurityCon, North America, and Security Zero Day
Cloud Native security bursts onto the conference circuit 🌩🎉

SPIFFE: The Keystone Species of Cloud Native Security
Short-lived cryptographic identities are the basis upon which secure communication and access control are built 🖧🙊

Cloud Native and Kubernetes Security Predictions 2023
A speculative look into the perils and opportunities that 2023 holds 🕵️🔎

ControlPlane Accelerates International Expansion
ControlPlane expands into North America and APAC with two key executive hires 📈

KubeCon NA 2022 - Techstrong TV interview
Andrew Martin joins Mitch Ashley of Techstrong TV for a chat about ControlPlane, Hacking Kubernetes, and avoiding configuration gotchas 📺

An evening of network security
An evening of network security by Tailscale and ControlPlane 🔐

ControlPlane at KubeCon NA 2022 Detroit
Where to find ControlPlane talks and events at KubeCon North America 2022, Detroit ☸

The Future of Open Source Technology in Financial Services
ControlPlane’s New York City event with FINOS 🏙

What's New - Kubernetes 1.25 Security Features
Overview of new security features in Kubernetes v1.25 ☸🔐

VEXing challenges - ControlPlane at the Open Source Summit Europe 2022, Dublin
ControlPlane and OpenUK information at the Open Source Summit Europe 2022 in Dublin 🔐

OpenUK Reports on the State of Open: The UK in 2022
ControlPlane contributes to the definitive open source report for the UK

Walking the talks - ControlPlane at KubeCon Europe 2022
ControlPlane talks at KubeCon EU, 2022 ☸

Shift Left: Where Cloud Native Computing Security Is Going (The New Stack)
DevSecOps leaders on the direction of CloudNative Security

Securing the Kubernetes Supply Chain: Software Factory Reference Architecture
Sophisticated mechanisms and best practices to enhance defenses against supply chain threats in Kubernetes

Hardening Git for GitOps
ControlPlane whitepaper on securing GitOps workflows at source ✍

CNCF Cloud Native Security Whitepaper
ControlPlane collaborates with authors in sig-security 📜

Kubernetes Predictions 2019
5 predictions and 5 wishes for Kubernetes in the year ahead 🕵️🔎

ControlPlane Sponsors PhD of in-toto Author Santiago Torres
ControlPlane, the open source and cloud native security company, sponsors the PhD work of in-toto author Santiago Torres, furthering the advancement of software supply chain security.

11 Ways (Not) to Get Hacked
An overview of essential security features for Kubernetes, and a glance to the future 👨‍🚀