cloud-security
Kyverno
Kyverno
Definition
Kyverno is a Kubernetes-native policy engine that validates, mutates, and generates Kubernetes resources using policies written in YAML rather than a separate policy language. Security teams use Kyverno to enforce controls like requiring pod security contexts, auto-injecting sidecar containers, restricting image registries, and generating default NetworkPolicies for new namespaces.
Its Kubernetes-native approach lowers the barrier to entry compared to OPA Gatekeeper's Rego language.
Ship secure code faster
Crash Override integrates security into the developer workflow. No context switching, no waiting on reviews.