Managing known vulnerabilities in container images has been one of the first issues to get the attention of organizations that adopt containers. Knowing what vulnerabilities (CVEs) lurk in your image code is important, but fixing or patching the images that contain vulnerabilities has been a challenge, since it’s …

Enterprise-grade solutions are expected to integrate with existing enterprise infrastructure, including providing SSO to authenticate users without requiring separate definitions of user identity and access credentials.

Many of you may be familiar with the shift left security approach in which security is built in at an early stage of the application development life cycle. It is easier and more effective to do it early, rather than discover security issues later in the game, when applications are already deployed. When issues are …

This blog is dedicated to my Mum. She was a leading psychiatrist who loved learning and traveling. She was a huge inspiration to me. I think she would be proud that I’m pursuing my passion of traveling around the world teaching what I love.

I want to start with a quote attributed to another inspiring woman, Grace …

Docker and Arm Announcement

At DockerCon earlier this month, Docker and Arm announced a joint venture in which new Docker-based solutions will be available to the Arm ecosystem. Docker and Arm touted this synergy as a way for developers to leverage containers, both remote and on-premises, in an easier way. There …

For the second time, Aqua will host the KubeSec Enterprise Summit next week, together with our co-hosts AWS, Google Cloud, Microsoft Azure, and Red Hat. The event is co-located with KubeCon/CloudNativeCon in Barcelona and will take place on Monday, May 20th. Unlike other co-located events, this full day program …

A new vulnerability that impacts Alpine Docker images was published last week. The vulnerability is due to the ‘root’ user password which is set, by default, to NULL on Alpine Docker images from version 3.3 or higher.

Aqua recently developed a Kubernetes Operator that was successfully tested and validated by Red Hat standards for integration and supportability. Before we tell you about our new OpenShift-certified Operator, let’s get some context about what an Operator is.

Now that containers have been around for a few years and have had their share of disclosed vulnerabilities, it’s time to revisit some of the more interesting ones and see if there’s a recurring theme or any underlying trend to highlight.

A few days ago, Docker discovered that a database holding the credentials of some 190,000 Docker Hub accounts was exposed to unauthorized access (about 5% of all Docker Hub accounts). We’ve been getting questions from customers on this, so I wanted to set the record straight on what we know and what we recommend …