Here at Aqua Security, we recently released an open source project to help container users manage the metadata associated with their container images. It’s called Manifesto, and it stores[…]
Evangelists for DevSecOps integration are building interest in the discipline and providing an understanding of the power of using a DevSecOps approach. In this post we’ll look at the best, of the[…]
The term Personally Identifiable Information (PII) will be familiar to organizations who are required to comply with regulatory standards such as PCI-DSS.
NIST Special Publication 800-122[…]
Yesterday Microsoft dropped a bombshell in containersphere, announcing Azure Container Instances, or ACI.
The PCI Data Security Standard is no news. Any entity that collects, holds or processes credit card information is obliged by this standard. What is new is the adoption of containers for[…]
In just about a week we will be live on stage at BlackHat 2017 with this tersely titled talk: Well that Escalated Quickly! How Abusing Docker API Led to Remote Code Execution Same Origin Bypass and[…]
The Center for Internet Security provides a number of guidelines and benchmark tests for best practices in securing your code. As Michael Cherny recently described, the CIS has recently published[…]
This article was originally published in infoworld.com
As part of my job, I regularly meet with devops people to discuss their container strategy. Most of the time, the people I talk to are eager[…]
This article was originally published in HelpNetSecurity.com
We are all aware of the risks introduced by good old third party code. Where would we be without it? Apparently not very far: It is[…]
We’re glad to announce version 2.5 of the Aqua Container Security Platform, which includes hundreds of improvements and new features. Our main focus has been on making the platform more scalable[…]