Kubesploit


News and links on Kubernetes security curated by the @Learnk8s team Website: https://kubesploit.io/

2,062 subscribers
+3 in 24 hours
-4 in 7 days
+11 in 30 days

Subscriber growth
June '26: +31, in 3 channels
May '26: +49, in 3 channels
April '26: +36, in 3 channels
March '26: +65, in 5 channels
February '26: +35, in 1 channel
January '26: +29, in 1 channel
December '25: +44, in 3 channels
November '25: +35, in 2 channels
October '25: +23, in 2 channels
September '25: +18, in 2 channels
August '25: +22, in 2 channels
July '25: +38, in 2 channels
June '25: +18, in 3 channels
May '25: +28, in 2 channels
April '25: +18, in 2 channels
March '25: +23, in 3 channels
February '25: +23, in 1 channel
January '25: +28, in 2 channels
December '24: +49, in 1 channel
November '24: +106, in 2 channels
October '24: +103, in 2 channels
September '24: +94, in 2 channels
August '24: +147, in 3 channels
July '24: +62, in 2 channels
June '24: +66, in 3 channels
May '24: +91, in 2 channels
April '24: +122, in 3 channels
March '24: +76, in 3 channels
February '24: +57, in 2 channels
January '24: +56, in 2 channels
December '23: +79, in 2 channels
November '23: +21, in 3 channels
October '23: +23, in 2 channels
September '23: +28, in 0 channels
August '23: +12, in 0 channels
July '23: +26, in 0 channels
June '23: +30, in 0 channels
May '23: +42, in 0 channels
April '23: +27, in 0 channels
March '23: +81, in 0 channels
February '23: +17, in 0 channels
January '23: +35, in 0 channels
December '22: +22, in 0 channels
November '22: +34, in 0 channels
October '22: +23, in 0 channels
September '22: +32, in 0 channels
August '22: +19, in 0 channels
July '22: +32, in 0 channels
June '22: +22, in 0 channels
May '22: +104, in 0 channels
April '22: +36, in 0 channels
March '22: +33, in 0 channels
February '22: +18, in 0 channels
January '22: +22, in 0 channels
December '21: +12, in 0 channels
November '21: +45, in 0 channels
October '21: +388, in 0 channels

Date, Subscriber growth, Mentions, Channels
25 June: +3
24 June: +3
23 June: +2
22 June: 0
21 June: +1
20 June: 0
19 June: 0
18 June: 0
17 June: +2
16 June: +2
15 June: 0
14 June: 0
13 June: 0
12 June: +1
11 June: +3
10 June: 0
09 June: +2
08 June: +1
07 June: +2
06 June: +2
05 June: +1
04 June: +1
03 June: +4
02 June: +1
01 June: 0

Channel posts
This article explains how to use Gatekeeper to enforce in-cluster admission policies, such as rejecting :latest images, mandating labels, and disallowing privileged workloads. More: https://ku.bz/1Zskfkkvg

This tutorial shows how to run OWASP ZAP scans inside GitHub Actions using SecureCodeBox on a Kubernetes kind cluster. More: https://ku.bz/nDZJpmg5F
This week on Learn Kubernetes Weekly 189:
🔥 Zero-Downtime Kubernetes Ingress Controllers on GCP
🏗️ Architecting GPUaaS for Enterprise AI On-Prem
📋 Conditions, Phases, and Declarative Phase Rules in Kubernetes Operators
⚙️ Container-Aware GOMAXPROCS
💀 Why Your Kubernetes Pod Was OOM Killed and Who Really Killed It
Read it now: https://kube.today/issues/189
⭐️ This issue is brought to you by Solanica - replace RDS with a self-hosted DBaaS on your own Kubernetes clusters with automated Day 2 operations and zero vendor lock-in https://ku.bz/NTszfwH40
This guide walks through deploying Istio via Terraform and Helm to secure service-to-service and external communication with mTLS, automatic sidecar injection, and encrypted ingress via Istio Gateway. More: https://ku.bz/wxcXWRYy2
Kogaro continuously validates Kubernetes config with 60+ checks across reference, resource, security, image, and network domains, catching silent failures before they impact production. More: https://ku.bz/_DdDJ5wzj
AI can quickly create Kubernetes changes, but it is still important to validate them. Mauricio Salatino from Dash0 tests generated manifests before releasing them. He uses tools like vCluster Bind and provides clear examples to ensure the output matches established patterns. Good governance begins with testing, understanding the context, and setting clear expectations. Watch the full interview: https://ku.bz/Q7q0K2RyH
Netfence runs as a daemon, injecting eBPF filter programs into cgroups and network interfaces, with a built-in DNS server that resolves allowed domains and populates IP allowlists, and connecting to a central control plane to synchronize network rules. More: https://ku.bz/wCc37BMNY
This article covers network security fundamentals in Kubernetes, explaining how clusters default to a flat pod network, how network policies enforce segmentation, and best practices like “default deny” and restricting host networking. More: https://ku.bz/T2VfCvjdJ
Hortator lets AI agents spawn sub-agents at runtime, with each agent running in its own pod with budget caps, network policies, PII redaction, and capability inheritance so children can never escalate beyond their parent's permissions. More: https://ku.bz/kh47Xb28t
Artem Lajko explains OS-level observability - the deepest layer of Kubernetes monitoring focused on infrastructure security and performance. He describes how specialized tools like Falco and eBPF monitor system calls and kernel events to detect security threats. Using the example of unauthorized container shell access, Artem demonstrates how this layer provides platform teams and security engineers with deep insights while maintaining system performance. Watch the full episode: https://ku.bz/9sGxhmm8s
This tutorial shows how to deploy OpenClaw on Kubernetes with a Helm chart and ArgoCD, using persistent storage, config modes, secrets handling, and network policies to reduce the blast radius of an AI agent. More: https://ku.bz/4-b9pCNFz
This article shows how to configure Role-Based Access Control (RBAC) in Kubernetes Engine (GKE), create roles, role bindings, and enforce least privilege across namespaces and cluster APIs. More: https://ku.bz/RFzkXpXg9
Nicholaos Mouzourakis, Staff Product Security Engineer at Gusto, explains how they implemented auditable decision logging for Open Policy Agent (OPA) in their Kubernetes environment. He describes how Styra's Declarative Authorization Service (DAS) ingests and indexes OPA decision logs from all instances, making them searchable in a centralized location. Nicholaos details how DAS enables:
- Searching for actions taken by specific users
- Identifying users with access to particular resources
- Tracking when and how access was granted
- Simulating policy changes against historical decision logs
He also mentions how they overcame challenges with legacy batch decision logs that weren't easily searchable by implementing a new batch API provided by Styra. Watch the full episode: https://kube.fm https://ku.bz/S-2vQ_j-4
This week on Learn Kubernetes Weekly 188:
🔥 When ipBlock Breaks HTTPS in Kubernetes: Debugging NetworkPolicy, Traefik, and Hairpin Routing
🔧 How Nginx's New resolve Directive Finally Fixed Our Kubernetes 502s
⚡ Before You Implement KEDA, Do This First
🤝 Why Your CI/CD Pipeline Failures Still Need a Human — And How We're Changing That
📊 Your SLOs Should Be Kubernetes Resources, Not Grafana Dashboards
Read it now: https://kube.today/issues/188
⭐️ This newsletter is brought to you by LearnKube — master Kubernetes with hands-on training designed for engineers who want to learn the smart way https://ku.bz/7py0zX-ct
This tutorial teaches how to extend EKS with hybrid nodes using IAM Roles Anywhere and HashiCorp Vault for secure authentication of on-premises or edge workloads. More: https://ku.bz/s3DxFxdHf
This tutorial teaches how to collect Prometheus metrics from Kubernetes clusters and securely route them to remote Prometheus instances using Vector with mTLS encryption. More: https://ku.bz/_QBDYV4t7
This tutorial teaches how to secure LLM inference services on Kubernetes using Authorino and Envoy for authentication and authorization. More: https://ku.bz/NWFrLKFbF
This tutorial teaches how to implement container image signature verification in Kubernetes using Cosign for signing, Kyverno for policy enforcement, and Sigstore Policy Controller for admission control. More: https://ku.bz/vT_tmP0lj
This tutorial shows how to secure east-west traffic in GKE using an Internal Regional Gateway with Envoy proxies, certificates, HTTP Routes with path rewriting, and a zero-trust architecture for service-to-service communication. More: https://ku.bz/VqqYrclKm
This week on Learn Kubernetes Weekly 187:
🧠 Applying Kubernetes Patterns to LLM Workloads
🐢 Why Your Grafana is Slow on Kubernetes (and 3 Replicas Won't Fix It)
📊 Observability at Albert Heijn
🎬 Vibe Coding a Kubernetes Media Server: What I Learned About AI-First Engineering
🔌 Installing Kong Gateway Custom Plugins on Kubernetes using Helm Charts
Read it now: https://kube.today/issues/187
⭐️ This newsletter is brought to you by WeAreDevelopers World Congress — The World’s Largest Event for Developers, AI Builders & Tech Leaders https://ku.bz/cwnthSpPK