| Distributed authorisation management and secret exposure issues addressed with QueryPie KAC and HashiCorp Vault■ New challenges for Kubernetes security in the AI and cloud-native eraAs AI and cloud-native technologies become standard in enterprise infrastructure, Kubernetes is enabling innovative productivity through service deployment automation and multi-cloud support. However, this convenience comes with increased complexity in security operations. Kubernetes is inherently a multi-tenant environment where multiple teams and users access cluster resources simultaneously. Namespaces and resources operated by each team are intermingled, and different roles such as development, operations, security, and data analysis require different permissions. This process can lead to fragmented permission management and inconsistent security policies.In real-world scenarios, RBAC (Role-Based Access Control) policies are often managed separately for each cluster, and since permissions are granted at the role level, it is challenging to enforce granular control at the resource name level. With the widespread use of CLI tools (kubectl, Lens, K9s, etc.) for direct access, there is a risk of unauthorised access without recording user session commands or going through approval processes.In this situation, as DevOps and CI/CD pipelines rapidly evolve, cases of hardcoding or exposing sensitive secrets in code or deployment pipelines are increasing. Ultimately, this can lead to a critical risk of a single cluster breach spreading to all cloud resources.■ QueryPie KAC Solves Real-World Kubernetes Access Control IssuesTo address these complex Kubernetes security management issues, CloudNetworks proposes QueryPie Kubernetes Access Controller (KAC), which provides centralised access control and auditing when developers, DevOps, and system engineers access the cluster using access tools such as kubectl, Lens, and K9s.Currently, most companies share Kubeconfig files with administrator privileges among multiple users or manage them individually for each cluster, making it difficult to apply consistent security policies. Additionally, it is challenging to track what actions users actually performed, limiting the ability to analyse the root cause of security incidents.QueryPie KAC provides user K8S access control, integrated audit logging, and an integrated management environment for assets in other systems to build an efficient infrastructure environment and manage application security through K8S Container Orchestration.Session recording and real-time monitoringWhen a user accesses a container, session recording is automatically performed to monitor actions within the container. All approved Kubernetes API requests are logged for monitoring and response, and the history of user actions after accessing the container can be replayed as a video for intuitive management.Detailed access control and permission managementK8S Resource name (regular expression) based access control rules can be applied to users, which is not supported by existing K8S RBAC. You can design detailed policies that allow access only to specific namespaces or resources with specific naming rules. Additionally, you can enhance security with user attribute-based access control (ABAC), which allows you to dynamically grant permissions based on various attributes such as the user's team, role, time zone, and IP address, overcoming the limitations of traditional role-based access control.■ Innovation in Kubernetes secret management with HashiCorp VaultThe second most important security challenge in a Kubernetes environment is secret management. AWS's EKS provides convenient K8S services, and sensitive information used in K8S is stored and used through the secret feature. However, such sensitive information is difficult to manage separately and poses a risk of leakage.Automating Secret Management with HashiCorp Vault VSOHashiCorp Vault provides a centralised secret management platform to address these structural issues. By deploying the Vault Secrets Operator (VSO), Kubernetes is integrated with Vault.In K8S, sensitive information used by service Pods is managed using the secret feature. By leveraging Vault VSO, such secret content can be centrally stored in the Vault key-value store. This enables more precise access control and continuous change management compared to the existing Kubernetes environment.Operational Efficiency and AutomationThis allows you to integrate and manage secrets used by Pods in K8S using Vault VSO, increasing the efficiency of sensitive information management. Additionally, you can modify K8S secrets and configure sensitive information changes and deployments through the application CI/CD pipeline.Vault sets a TTL (Time To Live) to automatically revoke credentials when they are no longer in use, and prevents secrets with expired lifetimes from being reused. All access and issuance events are recorded in audit logs, enabling consistent security governance across DevOps, CI/CD, and GitOps deployment pipelines.■ Kubernetes security implemented with QueryPie KAC and HashiCorp Vault integration workflowCloudNetworks' strategy goes beyond simply adopting QueryPie KAC and HashiCorp Vault as separate solutions; it aims to build an organic and integrated security workflow tailored to Kubernetes operations.When a user requests access to a Kubernetes cluster, QueryPie KAC determines whether to grant access based on policies. If access is granted, Vault dynamically issues secrets that match the user's or application's request purpose and permission level.When a Pod starts, VSO securely injects the latest secrets from Vault and automatically discards them according to the TTL settings when they are no longer needed. Operations teams can design systems that allow authorised users and applications to safely use the necessary permissions and automatically recover them without manually managing credentials. All approval requests, session recordings, and secret issuance/disposal histories are integrated into a central audit log, enabling compliance with regulatory and security audit requirements. The operations team and security team can visualise the entire cluster security status in real time, detect abnormal behaviour, and analyse incidents in detail when they occur from a unified dashboard.■ CloudNetworks' Kubernetes integration security support planCloudNetworks is an official partner of HashiCorp and QueryPie and has experience in building access control and secret management solutions in various industries. We support a phased approach tailored to each company's cluster size, regulatory environment, and security maturity. Depending on the company's requirements, we can provide centralised access control through QueryPie KAC, secret management through HashiCorp Vault, or a combination of both solutions. In addition, we provide a cloud-native security environment tailored to the security journey of each company, including integration with CI/CD pipelines, Secrets Operator deployment, and DevSecOps policy design. Jeong Heung-kyun, CEO of CloudNetworks, said, ‘Our goal is to help companies achieve consistent security governance and compliance they can trust without compromising the innovative automation and flexibility provided by Kubernetes.’

Zero trust security models are becoming an essential part of cloud security.Cloud Networks is leading the innovation in cloud security.◈A new paradigm for cloud migration and securityWith the advancement of digital innovation and AI technology, companies and institutions are rapidly migrating to cloud environments. However, as cloud environments expand, security threats also increase, and it is difficult to effectively respond to these threats with traditional on-premises security methods. As a result, the Zero Trust security model has become an essential element of cloud security.Zero Trust is a security approach based on the principle of ‘never trust, always verify,’ which verifies all access requests and applies the principle of least privilege to strengthen security. CloudNetworks leverages HashiCorp Vault, QueryPie, and Splunk solutions to build a robust cloud security architecture based on these security principles.◈Key challenges in cloud securityCompanies face a variety of security issues in cloud environments.•Security secrets management: Risk of leakage of security information such as authentication keys, API keys, and passwords•Access control: Difficulty in managing user and system access permissions in detail•Security Visibility: Lack of a system to detect and respond to security events in the cloud in real timeTo solve these problems, it is essential to go beyond the simple introduction of security solutions and build a systematic security architecture.◈Implementing a zero trust security architecture with CloudNetworksSecurity in a cloud environment cannot be solved with a single solution. Zero trust is not a structure that can be completed with a single solution, but rather requires combining the strengths of various products to build a security architecture optimised for the internal environment of an organisation.CloudNetworks utilises HashiCorp Vault, QueryPie, and Splunk solutions to support core areas of cloud security, such as sensitive information protection, access control, and real-time security analysis, providing a robust architecture that can effectively respond to security threats.■ Cloud Secret Lifecycle Management: HashiCorp VaultHashiCorp Vault is a security solution that centrally manages important passwords, API keys, authentication tokens, encryption keys, etc. in the cloud environment and dynamically issues credentials when necessary. It provides automated key rotation, policy-based access control, and encryption services to further protect sensitive data.■ Centralised control of cloud resource access: QueryPieQueryPie is a zero-trust-based security solution that centrally controls access to databases, infrastructure, SaaS applications, container orchestration (Kubernetes), and more. It supports RBAC (role-based access control), ABAC (attribute-based access control), audit log recording, Kubernetes access control (KAC), and more, maximising security across the entire cloud environment.■ Cloud security visibility and real-time analysis: SplunkSplunk is a platform that collects information such as logs, stream data, and network traffic generated in cloud and IT infrastructures, and detects and analyses security threats in real time. It maximises security visibility through AI-based anomaly detection, real-time security event monitoring, and automated security response (SOAR) capabilities.◈CloudNetworks - Zero Trust Security Architecture Implementation Case StudyCloudNetworks has extensive experience in implementing multiple security architectures using three solutions. In one case, Company A, which operates large-scale services, faced account management and account takeover issues as major security issues due to the movement of a large number of internal and external personnel. CloudNetworks solved this problem by leveraging HashiCorp Vault, QueryPie, and Splunk to rebuild the account management system.The new architecture works as follows.First, Vault centrally manages all root accounts for IT resources, and all account information remaining in existing systems is deleted. When an authorised user needs to access a specific system, they first request access through QueryPie, which then requests account creation from Vault. Vault creates an account with the minimum necessary permissions for the authorised user, and QueryPie grants access to the IT resources. This enables management efficiency and implements a robust security architecture that fundamentally prevents account theft.This enables management efficiency and implements a robust security architecture that fundamentally prevents account theft.◈CloudNetworks leads innovation in cloud securityAs cloud security faces increasingly sophisticated threats, each company must build a security architecture optimised for its environment. CloudNetworks provides a zero-trust security model combining HashiCorp Vault, QueryPie, and Splunk to offer sensitive information protection, access control, and real-time analysis, enabling companies to achieve a secure digital transformation.Jeong Heung-gyun, CEO of CloudNetworks, stated, “As security threats become more sophisticated, businesses must adopt reliable security strategies and proven solutions.” He added, “CloudNetworks will continue to provide the optimal security architecture tailored to evolving cloud environments and offer practical solutions to help businesses achieve safer IT operations.”

CloudNetworks, a leading provider of IT solutions and cloud services (CEO Jung Heung-kyun), has unveiled a new corporate identity (CI) embodying the vision of ‘harmony between innovation and growth,’ marking its commitment to establishing a strong corporate identity and driving brand innovation.Celebrating its 13th anniversary this year, CloudNetworks provides customised services optimised for customers' IT environments through solutions such as HashiCorp, QueryPai, Splunk, and NetScaler for cloud security and operational optimisation, as well as its own security, data collection, and transmission solutions developed with proprietary technology.With the core value of ‘growing together with customers through technology,’ CloudNetworks has expanded its business areas to include networking, big data, security, and cloud computing, establishing itself as a trusted company in the domestic IT market. Last year, the company recorded its highest annual revenue of 41.9 billion won.The CI revamp is part of the company's efforts to strengthen its brand value and accelerate its growth to become a top-tier IT specialist. It was designed with a focus on sustainable growth and future-oriented innovation based on the new vision of ‘harmony between innovation and growth.’The upward slope of the symbol conveys CloudNetworks' message of growing together with its customers toward the future, while the structure formed by the two lines symbolises strong connections and cooperation, representing the company's philosophy of continuously striving for the success and development of its customers.  Additionally, the harmonious combination of “Green,” symbolising sustainability and eco-friendly values, and “Blue,” representing trust, stability, and cutting-edge IT expertise, visually completes CloudNetworks' flexibility, relentless innovation, and technological leap toward the future. The simple yet striking design conveys the value of continuous development and collaboration with customers, expressing infinite possibilities.CloudNetworks has also renewed its website to reflect the new CI. The user interface (UI) has been completely redesigned with a more intuitive layout and simplified menu structure to improve readability. User experience (UX) has been optimised to enable users to quickly find the information they need, and a responsive web design ensures an optimised environment across PCs, tablets, and mobile devices.Jeong Heung-gyun, CEO of CloudNetworks, stated, ‘We have undertaken our first CI overhaul since our founding to reflect our strong commitment to continuous innovation in the rapidly changing IT environment. This year, we plan to establish a brand identity aligned with the new CI, expand customer touchpoints, and implement differentiated marketing strategies to expand our business scope into areas of growing importance such as supply chain and OT security, while maintaining stable growth.’

CloudNetworks announced on the 12th that it has unveiled its new CI and will embark on establishing its corporate identity and innovating its brand.Celebrating its 13th anniversary this year, CloudNetworks has expanded its business areas to include networking, big data, security, and cloud computing since its establishment, with the core value of ‘growing with customers through technology.’ Last year, it also recorded its highest annual revenue ever at 41.9 billion won.The new CI was designed with a focus on sustainable growth and future-oriented innovation based on the new vision of ‘harmony between innovation and growth.’The upward slope of the symbol conveys the message that CloudNetworks will grow together with its customers toward the future. The structure formed by the two lines symbolises strong connections and cooperation, representing the company's philosophy of continuously striving for the success and development of its customers.In addition, the colours “green,” symbolising sustainability and eco-friendly values, and “blue,” representing trust, stability, and cutting-edge IT expertise, are harmoniously combined to visually complete CloudNetworks' flexibility, continuous innovation, and technological leap towards the future.Along with the CI revamp, CloudNetworks has also renewed its website. The new CI has been reflected, and the user interface (UI) has been completely redesigned to improve readability with a more intuitive layout and simpler menu structure. The user experience (UX) has also been optimised to enable users to quickly find the information they need.Jeong Heung-kyun, CEO of CloudNetworks, said, ‘We have carried out our first CI overhaul since our founding to reflect our strong commitment to continuous innovation in the rapidly changing IT environment. This year, we plan to establish a brand identity that aligns with the new CI, expand our customer base, and implement differentiated marketing strategies to expand our business areas into important fields such as supply chain and OT security, while maintaining stable growth.’Currently, CloudNetworks provides customized services optimized for customers' IT environments through solutions such as Hashicorp, QueryFi, Splunk, and NetScaler, which enable cloud security and operational optimization, as well as its own security, data collection, and transmission solutions developed with proprietary technology.

CloudNetworks announced on the 12th that it will unveil a new CI embodying its new vision of ‘harmony between innovation and growth’ and embark on establishing its corporate identity and brand innovation.Celebrating its 13th anniversary this year, CloudNetworks has expanded its business areas to include networking, big data, security, and cloud computing since its establishment, with its core value of ‘growing with customers through technology.’ In particular, the company recorded its highest annual sales of 41.9 billion won last year.The CI revamp is part of efforts to strengthen brand value in order to further accelerate this growth and make a quantum leap as a top-tier IT specialist.The new CI was designed with a focus on sustainable growth and future-oriented innovation based on the new vision of ‘harmony between innovation and growth.’The upward slope of the symbol conveys the message that CloudNetworks will grow together with its customers toward the future. The structure formed by the two lines symbolises strong connections and cooperation, representing the company's philosophy of continuously striving for the success and development of its customers.The harmonious combination of green, symbolising sustainability and eco-friendly values, and blue, representing trust, stability, and cutting-edge IT expertise, visually completes CloudNetworks' flexibility, continuous innovation, and technological leap towards the future. The simple yet striking design expresses unlimited potential and conveys the value of continuous development and cooperation with customers.Along with the CI redesign, CloudNetworks has also launched a renewed website. The new CI has been reflected, and the user interface (UI) has been completely redesigned to improve readability with a more intuitive layout and simpler menu structure. User experience (UX) has also been optimised to allow users to quickly find the information they need, and a responsive web design ensures an optimised environment across PCs, tablets, and mobile devices.Jeong Heung-gyun, CEO of CloudNetworks, stated, ‘We have undertaken our first CI overhaul since our founding to reflect our strong commitment to continuous innovation in the rapidly changing IT environment. This year, we plan to establish a brand identity that aligns with our new CI, expand our customer touchpoints, and implement differentiated marketing strategies to expand our business areas into important fields such as supply chain and OT security, while maintaining stable growth.’

CloudNetworks, a specialist in IT solutions and cloud services (CEO Jung Heung-kyun), has unveiled a new CI embodying its vision of ‘harmony between innovation and growth’ and embarked on a drive to establish its corporate identity and innovate its brand.Celebrating its 13th anniversary this year, CloudNetworks has expanded its business areas to include networking, big data, security, and cloud services since its establishment, with the core value of ‘growing with customers through technology.’ Last year, the company achieved a significant milestone by recording its highest-ever annual revenue of 41.9 billion won.The CI revamp is part of the company's efforts to strengthen its brand value and accelerate its growth to become a top-tier IT specialist. It was designed with a focus on sustainable growth and future-oriented innovation based on the new vision of ‘harmony between innovation and growth.’The upward slope of the symbol conveys CloudNetworks' message of growing together with its customers toward the future, while the structure formed by the two lines symbolises strong connections and cooperation, representing the company's philosophy of continuously striving for the success and development of its customers.Additionally, the harmonious combination of “Green,” symbolising sustainability and eco-friendly values, and “Blue,” representing trust, stability, and cutting-edge IT expertise, visually completes CloudNetworks' flexibility, relentless innovation, and technological leap toward the future. The simple yet striking design conveys the value of continuous development and collaboration with customers, expressing unlimited potential.CloudNetworks has also launched a newly redesigned website reflecting the new CI. The user interface (UI) has been completely overhauled to provide a more intuitive layout and simpler menu structure, enhancing readability. User experience (UX) has been optimised to enable users to quickly find the information they need, and the website is now responsive, providing an optimised environment across PCs, tablets, and mobile devices.Jeong Heung-kyun, CEO of CloudNetworks, said, ‘We have carried out our first CI overhaul since our founding to reflect our strong commitment to continuous innovation in the rapidly changing IT environment. This year, we plan to establish a brand identity that aligns with our new CI, expand our customer base, and implement differentiated marketing strategies to expand our business areas into important fields such as supply chain and OT security, while maintaining stable growth.’Meanwhile, CloudNetworks provides customised services optimised for customers' IT environments by combining solutions from Hashicorp, QueryPai, Splunk, and NetScaler—which realise cloud security and operational optimisation—with its own security, data collection, and transmission solutions developed in-house.