Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The best way to understand real-world attacks is to observe them in the wild. Following this principle, our research team set up a decoy Kubernetes workload designed to attract malicious actors – a honeypot in a Kubernetes cluster we named the “Honey-pod.” Inside this pod, we deployed Apache Druid, a popular open-source analytics database known for its scalability and, unfortunately, for a history of exploitable vulnerabilities.

Modern infrastructure is already complex, characterized by distributed environments, multi-cloud deployments, and dynamic change. Now add Large Language Models (LLMs) to the mix, and the challenge grows exponentially. Engineering leaders are under pressure to deliver innovation fast, while also safeguarding against breaches, misconfigurations, and human error. That’s why initiatives like eliminating static credentials, enforcing just-in-time access, and reducing SSH key sprawl are gaining traction.

Just-in-time (JIT) access isn’t easy. This Reddit thread of cybersecurity pros surfaces many of the most common JIT headaches — and you may be encountering those same challenges yourself. As noted in the thread, no users should be “swimming in access”, especially as standing privileges and over-permissioned accounts continue to be a major source of breaches. The truth is, many JIT models struggle to keep up with today’s fast-moving, cloud-native environments.

The increasing reliance on open-source software coupled with the accelerated pace of software development has created a growing need for support of deprecated packages. The significant majority of open-source software packages are not actively maintained, meaning vulnerabilities are not patched, thereby leaving systems open to attack. Malicious actors often target deprecated open-source packages for this very reason.

The standout themes at KubeCon + CloudNativeCon Europe 2025 in London strongly centered on how identity is rapidly becoming the linchpin for securing cloud-native infrastructure. The recurring theme I saw wasn’t just Kubernetes innovation—it was the rising urgency of securing the who behind every action across platforms, clusters, services, and tools.

Kubernetes 1.33 marks another exciting milestone in the evolution of this widely adopted container orchestration platform. A big shoutout to the release team for their hard work and contributions! In this update, Kubernetes continues to enhance its capabilities to meet the ever-evolving demands of modern cloud-native environments. Let’s take a closer look at the key security improvements and other features that caught our attention.