# Securityascode !!! info "Architectural Context" Detailed reference for Securityascode in the context of Hardened Infrastructure. - [searchitoperations.techtarget.com: Kubernetes policy project takes enterprise IT by storm](https://www.techtarget.com/searchitoperations/news/252467102/Kubernetes-policy-project-takes-enterprise-IT-by-storm) [COMMUNITY-TOOL] - [fugue.co: 5 tips for using the Rego language for Open Policy Agent (OPA)](https://snyk.io/blog) [COMMUNITY-TOOL] - [blog.openshift.com: Fine-Grained Policy Enforcement in OpenShift with Open Policy Agent 🌟](https://www.redhat.com/en/blog/fine-grained-policy-enforcement-in-openshift-with-open-policy-agent) [COMMUNITY-TOOL] - [compile OpenPolicyAgent policies into WebAssembly and run them on the edge](https://github.com/open-policy-agent/contrib/tree/main/wasm/cloudflare-worker) [COMMUNITY-TOOL] - [Fugue: Container and Kubernetes. Runtime infrastructure security](https://snyk.io/product/container-vulnerability-management) [COMMUNITY-TOOL] - [kyverno.io: Check deprecated APIs 🌟](https://kyverno.io/policies/best-practices/check_deprecated_apis) [COMMUNITY-TOOL] - [kyverno.io: Add Pod Proxies](https://kyverno.io/policies/other/add-pod-proxies) [COMMUNITY-TOOL] - [kyverno.io: Require PodDisruptionBudget](https://kyverno.io/policies/other/require_pdb) [COMMUNITY-TOOL] - [searchitoperations.techtarget.com: CNCF policy-as-code project bridges Kubernetes security gaps](https://www.techtarget.com/searchitoperations/news/252505548/CNCF-policy-as-code-project-bridges-Kubernetes-security-gaps) [COMMUNITY-TOOL] - [cloud.redhat.com: Automate Your Security Practices and Policies on OpenShift With Kyverno 🌟](https://www.redhat.com/en/blog/automate-your-security-practices-and-policies-on-openshift-with-kyverno) [COMMUNITY-TOOL] - [A Kyverno policy to block custom snippet configurations for Kubernetes Nginx ingress (CVE-2021-25742](https://github.com/kubernetes/kubernetes/issues/126811) [COMMUNITY-TOOL] - [kyverno.io: Restrict Image Registries](https://kyverno.io/policies/best-practices/restrict_image_registries/restrict_image_registries) [COMMUNITY-TOOL] - [kyverno.io: Implementing your best practices is simple with kyverno](https://kyverno.io/policies/best-practices/require_probes/require_probes) [COMMUNITY-TOOL] - [youtube: The Rise of Kubernetes Policy Engine | Ep 57](https://www.youtube.com/watch?v=0TvhTXddRGE&t=12s) [COMMUNITY-TOOL] - [appsecengineer.com: Kubernetes Policy Management with Kyverno](https://www.appsecengineer.com/courses-collection/kubernetes-policy-management-with-kyverno) [COMMUNITY-TOOL] - [Apolicy](https://www.sysdig.com) [COMMUNITY-TOOL] - [sysdig.com: Sysdig and Apolicy join forces to help customers secure Infrastructure As Code and automate remediation](https://www.sysdig.com/blog/sysdig-and-apolicy-join-forces-to-help-customer-secure-infrastructure-as-code) [COMMUNITY-TOOL] - [amazon.com: Policy-based countermeasures for Kubernetes – Part 1](https://aws.amazon.com/blogs/containers/policy-based-countermeasures-for-kubernetes-part-1) [COMMUNITY-TOOL] - [blog.gitguardian.com: What is Policy-as-Code? An Introduction to Open Policy Agent](https://blog.gitguardian.com/what-is-policy-as-code-an-introduction-to-open-policy-agent) [COMMUNITY-TOOL] - [OPA Open Policy Agent 🌟](https://www.openpolicyagent.org) [COMMUNITY-TOOL] - [PolicyHub CLI, a CLI tool that makes Rego policies searchable 🌟](https://github.com/policy-hub/policy-hub-cli) [COMMUNITY-TOOL] - [github.com/instrumenta/policies: A set of shared policies for use with Conftest and other Open Policy Agent tools](https://github.com/instrumenta/policies) [COMMUNITY-TOOL] - [thenewstack.io: Getting Open Policy Agent Up and Running](https://thenewstack.io/getting-open-policy-agent-up-and-running) [COMMUNITY-TOOL] - [thenewstack.io: Weaveworks Adds Policy as Code to Secure Kubernetes Apps (Magalix)](https://thenewstack.io/weaveworks-adds-policy-as-code-to-secure-kubernetes-apps) [COMMUNITY-TOOL] - [dev.to: Load external data into OPA: The Good, The Bad, and The Ugly](https://dev.to/permit_io/load-external-data-into-opa-the-good-the-bad-and-the-ugly-26lc) [COMMUNITY-TOOL] - [kubermatic.com: Using Open Policy Agent With Kubermatic Kubernetes Platform](https://www.kubermatic.com/blog/using-open-policy-agent-with-kubermatic) [COMMUNITY-TOOL] - [k8s-security-policies](https://github.com/raspbernetes/k8s-security-policies) [COMMUNITY-TOOL] - [thenewstack.io: Yor Automates Tagging for Infrastructure as Code](https://thenewstack.io/yor-automates-tagging-for-infrastructure-as-code) [COMMUNITY-TOOL] - [yor.io](https://yor.io) [COMMUNITY-TOOL] - [checkov.io](https://www.checkov.io) [COMMUNITY-TOOL] - [aws.amazon.com: Policy-based countermeasures for Kubernetes – Part 1](https://aws.amazon.com/es/blogs/containers/policy-based-countermeasures-for-kubernetes-part-1) [COMMUNITY-TOOL] - [Selefra: Selefra is an open-source policy-as-code software that provides analytics for multi-cloud and SaaS.](https://github.com/selefra/selefra) [COMMUNITY-TOOL] - [neonmirrors.net: Kubernetes Policy Comparison: OPA/Gatekeeper vs Kyverno 🌟](https://neonmirrors.net/post/2021-02/kubernetes-policy-comparison-opa-gatekeeper-vs-kyverno) [COMMUNITY-TOOL] - [dev.to: Using Kyverno To Enforce EKS Best Practices](https://dev.to/rinkiyakedad/using-kyverno-to-enforce-eks-best-practices-cad) [COMMUNITY-TOOL] - [kyverno.io: Mutating Resources](https://kyverno.io/docs/writing-policies/mutate) [COMMUNITY-TOOL] - [squadcast.com: Kyverno - Policy Management in Kubernetes 🌟](https://www.squadcast.com/blog/kyverno-policy-management-in-kubernetes) [COMMUNITY-TOOL] - [neonmirrors.net: Exploring Kyverno: Part 3, Generation](https://neonmirrors.net/post/2020-12/exploring-kyverno-part3) [COMMUNITY-TOOL] - [kyverno.io: Generating resources into existing namespaces](https://kyverno.io/docs/writing-policies/generate/#generating-resources-into-existing-namespaces) [COMMUNITY-TOOL] - [kyverno.io: Auto-Gen Rules for Pod Controllers](https://kyverno.io/docs/writing-policies/autogen) [COMMUNITY-TOOL] - [nirmata.com: Kubernetes Supply Chain Policy Management with Cosign and Kyverno](https://nirmata.com/2021/08/12/kubernetes-supply-chain-policy-management-with-cosign-and-kyverno) [COMMUNITY-TOOL] - [neonmirrors.net: Exploring Kyverno: Introduction 🌟](https://neonmirrors.net/post/2020-11/exploring-kyverno-intro) [COMMUNITY-TOOL] - [nirmata.com: Introducing Kyverno 1.4.2: Trusted And More Efficient!](https://nirmata.com/2021/08/18/introducing-kyverno-1-4-2-trusted-and-more-efficient) [COMMUNITY-TOOL] - [Policy Reporter 🌟](https://github.com/kyverno/policy-reporter) [COMMUNITY-TOOL] - [sesin.at: Securing Kubernetes with Kyverno: How to Protect Your Users From Themselves by Ritesh Patel](https://www.sesin.at/2021/08/28/securing-kubernetes-with-kyverno-how-to-protect-your-users-from-themselves-by-ritesh-patel) [COMMUNITY-TOOL] - [dev.to: Default Kyverno Policies for OpenEBS](https://dev.to/niveditacoder/default-kyverno-policies-for-openebs-4abf) [COMMUNITY-TOOL] - [dev.to: Using Kyverno Policies for Kubernetes Governance](https://dev.to/mda590/using-kyverno-policies-for-kubernetes-governance-3e17) [COMMUNITY-TOOL] - [blog.sigstore.dev: How to verify container images with Kyverno using KMS, Cosign, and Workload Identity](https://blog.sigstore.dev/how-to-verify-container-images-with-kyverno-using-kms-cosign-and-workload-identity-1e07d2b85061) [COMMUNITY-TOOL] - [Cloud Custodian](https://github.com/cloud-custodian/cloud-custodian) [COMMUNITY-TOOL] *** 💡 **Explore Related:** [Crossplane](./crossplane.md) | [Liquibase](./liquibase.md) | [Kubernetes Security](./kubernetes-security.md)