The Otter’s Den
Your go-to hub for Kubernetes security and tech know-how
- Kubernetes
First Person Platform Episode 2 - Andrew Moore on Uber Workload Identity and Authorization
The second episode of First Person Platform, a podcast: platform engineers nerd out with Ori Shoshan on access controls, Kubernetes, and platform engineering.
- Kubernetes
First Person Platform Episode 2 - Andrew Moore on Uber Workload Identity and Authorization
The second episode of First Person Platform, a podcast: platform engineers nerd out with Ori Shoshan on access controls, Kubernetes, and platform engineering.
- Network Policy
BlogFeb 12 2024Network policies are not the right abstraction (for developers)
We explore the limitations of relying solely on Kubernetes network policies as a solution for achieving zero-trust between pods, identifying multiple flaws that hinder their effectiveness in meeting the demands of real-world use cases, particularly when prioritizing developer experience in a Kubernetes-based platform.
- Kubernetes
BlogJan 24 2024First Person Platform Episode 1 - Andrew Fong on Dropbox Grouper
The first episode of First Person Platform, a podcast: platform engineers nerd out with Ori Shoshan on access controls, Kubernetes, and platform engineering.
- Network
BlogJan 20 2024Network mapper, I see you!
Learn about the recently developed Otterize network mapper, an open-source tool dedicated to efficiently mapping communication within a Kubernetes cluster by creating functional network maps, focusing on simplicity and effectiveness in revealing pod-to-pod interactions.
- Press
BlogJan 09 2024Hot on the Heels of AWS re:Invent 2023, Otterize Expands Workload Identity and Access Management Platform to Include Support for AWS IAM and PostgreSQL
Otterize enhances its platform with AWS IAM and PostgreSQL support, complementing existing features like Kubernetes network policies, Istio authorization policies, and Kafka ACLs. These additions enable organizations to seamlessly manage access to critical resources and databases, reinforcing a comprehensive zero-trust security model.
- Amazon
BlogNov 28 2023Otterize launches open-source, declarative PostgreSQL permissions for RDS workloads on AWS EKS clusters
Effortlessly manage database access complexities through the open-source intents-operator and credentials-operator, enabling seamless control of permissions via Kubernetes, ensuring security, and simplifying the entire process with the efficiency of IBAC (intent-based access control).
- Amazon
BlogNov 28 2023Otterize launches open-source, declarative IAM permissions for workloads on AWS EKS clusters
Simplify your AWS IAM role and policy management for Kubernetes ServiceAccounts with the open-source intents-operator and credentials-operator, leveraging the power of IBAC (intents-based access control) to streamline the process and eliminate the tedious manual steps.
- Core
BlogSep 13 2023How to gradually roll out network policies with the new AWS EKS VPC
Learn how Otterize makes it easy to apply zero-trust network policies to one service while being completely certain you aren't affecting any others. Discover how you can do that in a few minutes.
- Core
BlogAug 31 2023AWS releases built-in network policy enforcement for AWS EKS
Discover the latest advancement in AWS EKS as AWS unveils built-in support for enforcing Kubernetes network policies using the native VPC CNI, and simplify the implementation challenges with the open-source Otterize intents operator and network mapper.
- IBAC
BlogAug 14 2023Bite-size Otterize: moving fast and (never) breaking things
Explore the latest developments in Otterize's capabilities, tailored for users seeking precision in configuring access controls and aiming for zero trust by deploying Otterize in a "bite-size" manner—fast, easy, predictable, and incrementally secure with each step.