Request a Demo

You can still request to
join our Private Beta. * E-mail is mandatory.

Aqua Blog

Security Best Practices for Kubernetes: Redux

Last week I presented at the NY Kubernetes meetup on security best practices. 

Don't Leave Your Keys Exposed: Lessons from IBM Privilege Escalation Flaw

Would you ever give your keys to a stranger? That’s exactly what someone at IBM did: they left private keys to the Docker host environment in IBM’s Data Science Experience service accessible to[…]

OpenSSL Vulnerability: If You Drive in the Fast Lane, You Better Have a Reinforced Windshield

If you know that somebody is going to throw a stone at your car’s windshield, then the glass thickness should be proportional to your driving speed (simple physics…).

Security Best Practices for Kubernetes Deployment

This is a blog post that Amir and I published on Kubernetes.io.

Kubernetes provides many controls that can greatly improve your application security. Configuring them requires intimate knowledge[…]

Running a Security Service in Google Cloud - Real World Example

Right after DockerCon, I presented at the Kubernetes meetup in Seattle. 

Docker 1.11 and CIS Benchmark: What’s New in Security?

Security is the enterprise’s foremost concern on its way to production adoption of container technology. However, security is never a one-off deal, and in the context of the still nascent[…]

The known knowns - the importance of ongoing security scans for containers

A month ago we introduced Peekr, Scalock’s free security scanner for container images.

Docker 1.10 Security Features, Part 3: User Namespace

In the last 2 posts about the main security features in Docker 1.10 we tacklקd the Authorization plug-in and the Secomp profiles. In this final post we'll focus on the new support for Linux User[…]