Impressions from KubeSec, The First Enterprise Kubernetes Security Summit


On Monday, “day 0” of this year’s KubeCon/CloudNativeCon, we held our first KubeSec Enterprise Summit event, co-located with KubeCon under the auspices of the CNCF. Aqua hosted the event together[…]

Istio Security: Zero-Trust Networking


This is the second in our series of blog posts on Istio, and will focus on Istio’s security features: what they are, how they work and how they help protect your workloads and your data.


Severe Privilege Escalation Vulnerability in Kubernetes (CVE-2018-1002105)


Earlier this week, a severe vulnerability in Kubernetes (CVE-2018-1002105) was disclosed that allows an unauthenticated user to perform privilege escalation and gain full admin privileges on a[…]

Enterprise Kubernetes Security at KubeCon + CloudNativeCon

Kubernetes security

KubeCon + CloudNativeCon North America is just around the corner, and looks like it is going to break attendance records, becoming the largest gathering of the Kubernetes and cloud native[…]

How to Secure Amazon ECS Workloads On Demand


In support of Amazon’s announcement this week at re:Invent surrounding the new AWS Container Marketplace, we’ve made the Aqua Container Security Platform available for on-demand consumption (pay[…]

Serverless Security: The Importance of FaaS Risk Assessment

Serverless functions risk

In my previous blog, I discussed the serverless services spectrum and the unique security considerations of serverless functions. In this post, I’d like to elaborate on the importance of[…]

Istio: The Enterprise Upgrade Path to Microservices

Kubernetes Security

Istio, Google’s open source project for large scale, containerized application management was released in May 2017 and has undergone rapid development since then, culminating in the landmark 1.0[…]

Streamline Image Vulnerability Management for OpenShift Image Streams

Container Security Openshift

In traditional cloud native environments, actions such as building and deploying applications will usually involve working directly with images hosted in one or more registries. Customers wishing[…]

“Thin OS” Security for Container Hosts

Container Security

In the spectrum of deployment options available for cloud native applications, the most widely used option, at least presently, is running containers on VMs that use the Linux operating system (or[…]

Securing ISV-Provided Container Images

Container security

Containers make it very easy to package and deliver applications, so it’s not surprising that many ISVs (Independent Software Providers) are leading the trend of packaging their software, whether[…]

Subscribe to Email Updates