Envoy Proxy gets security audit

German security firm Cure53 has completed a security audit of the service mesh / proxy Envoy. A severe security hole was found in the Lyft web admin interface, but no critical problems were found in the Envoy core. It is the first to be completed of the security audits that the Cloud Native Computing Foundation (CNCF) has started for its hosted projects. The full report on the Envoy audit is available as a PDF.

Envoy was developed by car-sharing company Lyft and donated to the CNCF. Other projects hosted by the CNCF include the monitoring solution Prometheus, the container runtimes containerd and rkt, the logging solution Fluentd, a MySQL sharding solution and many more. The most prominent project is the Kubernetes orchestration framework, which has recently been promoted to a "graduated" project.