1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2024-12-14 11:57:48 +00:00
kyverno/ADOPTERS.md
Jim Bugwadia e12c168848
add Corestream as an adopter (#11263)
* add Corestream as an adopter

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add Corestream as an adopter

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

---------

Signed-off-by: Jim Bugwadia <jim@nirmata.com>
2024-09-30 15:02:33 +08:00

13 KiB

Kyverno Adopters

This is the list of organizations and users that have publicly shared how they are using Kyverno.

💡 Add your organization by creating a PR or submitting this form

Note: There are several other organizations and users that are unable to publicly share their stories but are active in the Kyverno community. We appreciate all our users and their contributions to making Kyverno a successful CNCF project.

The list of organizations that have publicly shared the usage of Kyverno:

Organization Success Story
Amazon EKS Best Practice Guides Policies for security and best practices
Arrikto Inc. Kubeflow policies
Flux2 Manage multi-tenancy and tenant isolation with GitOps
Nirmata Kubernetes Policy and Governance
Ohio Supercomputer Center Support Kubernetes multi-user workflows through Open OnDemand
Coinbase Use Kyverno for mutation, to replace hand-written Webhooks, and generation to project common Kubernetes objects into many similar namespaces.
Mandiant Use Kyverno for policy enforcement in all clusters, as well as part of our onboarding systems, populating new namespaces with requisite resources and secrets.
Giant Swarm Use Kyverno extensively to handle defaulting logic on resources (primarily cluster-api resources) and some scenarios to replace PSPs to enforce certain restrictions.
Vodafone Group Plc Policy enforcement and automation on an internal k8s service offering.
Deutsche Telekom Use Kyverno to enforce Policies on managed clusters to prevent right escalation of internal customers and to enforce security rules.
VSHN AG - APPUiO Cloud OpenShift Multi-Tenancy Self-Service for APPUiO Cloud, managed with Project Syn. Kyverno policies are available on GitHub.
Bloomberg Use Kyverno for replacing custom validation and mutation webhooks in their internal Kubernetes based platforms
Techcombank Use Kyverno to enforce security policies rules, Kubernetes best practices for their internal container based workload on Kubernetes
Trendyol In adoption planning to roll out to hundreds of production clusters using GitOps
Rafay Systems Platform supports centralized deployment of Kyverno across clusters
Wayfair Policy enforcement on managed clusters. Replacement of some in-house mutating webhooks.
Yahoo Use Kyverno for mutation, to replace image tags to digest and also for validation for checking freshness of images.
T-Systems
Red Hat Learn more about Red Hat Advanced Cluster Management for Kubernetes for Generating Governance Policies Using Kustomize and GitOps.
DE-CIX Kyvernos policy enforcement is used to enforce the company's security guidelines. This is done using validation, mutation and generation techniques.
Saxo Bank We use Kyverno to enforce security and best practises.
Velux We successfully use Kyverno in our clusters for security, best practice enforcement, resource mutation, secret copying and more!
HCS Company Policy enforcement and enabling selfservice for DevOps teams.
Hexagon We leverage Kyverno to robustly enforce security policies. Additionally, as a Kubernetes swiss-knife, Kyverno fills our gap in our GitOps workflow by allowing us to apply complex configurations and customizations which are beyond the native capabilities of Kubernetes operators.
Grover Group GmbH We have been using Kyverno to streamline our K8s security standards and also follow industry best practices for running workloads in K8s using policy enforcements.
IITS Consulting Security is a piece of cake with Kyverno. Kyverno helped us to implement proper security for different kind of clients (medical/telecommunication/trading...). It solves problems like security enforcement, container image verification, distribution of imagePullSecrets and many more.
LinkedIn Policy enforcement on our on-prem Kubernetes clusters.
Groww We have implemented Kyverno as a part of Auto compliance. We put policies to satisfy CIS Compliance for GKE as well as block anomalies detected by the Red Team.
Spotify Spotify uses Kyverno extensively for its admission controller capabilities, including best practices and environment-specific data.
US DoD Platform One The US Department of Defense (DoD) Platform One uses Kyverno as its default policy engine for Kubernetes.
Censhare We use Kyverno in almost all possible areas of security and automation, we call Kyverno as a "Multi-tenancy engine" since we host a multi-tenancy environment for our partners and customers. We have deprecated our own tooling that was complicated and hard to maintain, Thanks to Kyverno.
Coinone Use Kyverno to enforce security hardening and best practices, and mutate pod specs related to graceful shutdown handling, such as tGPSterminationGracePeriodSeconds and custom preStop script.
Davidson consulting We are using Kyverno mutation policies in our pre-production environment to add default NetworkPolicy and to add labels to OKD resources.
InfraCloud Technologies We have successfully implemented Kyverno as a crucial component of our SOC2 compliance, alongside other essential security hardening measures & best practices. Kyverno's policies offer a significantly streamlined implementation process, far exceeding the complexities associated with cloud services.
North IT North IT use Kyverno to help deploy Kubernetes for our pen-testing and SOC platform.
Corestream At our organization, we've leveraged Kyverno to significantly enhance our Kubernetes-based DevOps practices. We use Kyverno's policy-as-code approach to automate and enforce best practices across our clusters. Our policies cover a wide range of scenarios, from managing Azure Key Vault integrations and secret protections to enforcing image registry restrictions and implementing multi-region deployment strategies. Kyverno allows us to automatically inject configuration, create role-based access controls, and ensure consistent labeling across our resources. This automation not only improves our security posture by preventing misconfigurations and unauthorized changes but also streamlines our deployment processes. By using Kyverno, we've been able to standardize our environments, reduce manual errors, and maintain compliance with our organization's policies.