Aqua Security
Aqua Blog
Experts insight, best practices and advice on cloud native security, trends, threat intelligence and compliance
Istio Security
February 21, 2019

Istio: Canary Deployments, Dynamic Routing & Tracing

In this series of blog posts we had an introduction to Istio, and an overview of its security features. This post completes the series with a look at how we can leverage Istio’s traffic control features to provide increased observability and …

Continue reading ›
affecting RunC and Docker BLOG 650_315
February 12, 2019

Mitigating High Severity RunC Vulnerability (CVE-2019-5736)

Yesterday it was disclosed that a new high severity (CVSS score 7.2) vulnerability (CVE-2019-5736) was found in runc, that allows an attacker to potentially compromise the container host. Patches are already available from most providers (see …

Continue reading ›
Blog-image-Amazon-Firecracker-650x315.jpg
January 24, 2019

Amazon Firecracker: Isolating Serverless Containers and Functions

Infrastructure protection, sandboxed containers, MicroVM hypervisors– these are interchangeable terms describing emerging technologies to isolate micro-services from their underlying infrastructure. These isolation technologies aim to protect the …

Continue reading ›
featured_kubesec_blog.png
December 12, 2018

Impressions from KubeSec, The First Enterprise Kubernetes Security Summit

On Monday, “day 0” of this year’s KubeCon/CloudNativeCon, we held our first KubeSec Enterprise Summit event, co-located with KubeCon under the auspices of the CNCF. Aqua hosted the event together with our partners Red Hat and AWS. The event was …

Continue reading ›
Istio-Security_BLOG650_315.png
December 10, 2018

Istio Security: Zero-Trust Networking

This is the second in our series of blog posts on Istio, and will focus on Istio’s security features: what they are, how they work and how they help protect your workloads and your data.

Building, deploying and maintaining secure, cloud native …

Continue reading ›
Severe-Privilege--BLOG-650_315.png
December 06, 2018

Severe Privilege Escalation Vulnerability in Kubernetes (CVE-2018-1002105)

Earlier this week, a severe vulnerability in Kubernetes (CVE-2018-1002105) was disclosed that allows an unauthenticated user to perform privilege escalation and gain full admin privileges on a cluster. The CVE was given the high severity score of …

Continue reading ›
Kubernetes security
December 04, 2018

Enterprise Kubernetes Security at KubeCon + CloudNativeCon

KubeCon + CloudNativeCon North America is just around the corner, and looks like it is going to break attendance records, becoming the largest gathering of the Kubernetes and cloud native community ever!

Such massive adoption by large …

Continue reading ›
Amazon-ECS-Workloads-On-Demand-BLOG650_315_S.png
November 27, 2018

How to Secure Amazon ECS Workloads On Demand

In support of Amazon’s announcement this week at re:Invent surrounding the new AWS Container Marketplace, we’ve made the Aqua Container Security Platform available for on-demand consumption (pay as you go), via the newly minted AWS Container …

Continue reading ›
Serverless functions risk
November 13, 2018

Serverless Security: The Importance of FaaS Risk Assessment

In my previous blog, I discussed the serverless services spectrum and the unique security considerations of serverless functions. In this post, I’d like to elaborate on the importance of preliminary risk assessment checks and their contribution …

Continue reading ›
Kubernetes Security
November 06, 2018

Istio: The Enterprise Upgrade Path to Microservices

Istio, Google’s open source project for large scale, containerized application management was released in May 2017 and has undergone rapid development since then, culminating in the landmark 1.0 release in July 2018. In this blog post we will be …

Continue reading ›
Container Security Openshift
October 25, 2018

Streamline Image Vulnerability Management for OpenShift Image Streams

In traditional cloud native environments, actions such as building and deploying applications will usually involve working directly with images hosted in one or more registries. Customers wishing to track changes in those images, in order to …

Continue reading ›
All posts

Subscribe to Email Updates

Popular Posts

Filter by Topic

Show more...
Ready to take the plunge?
Try Aqua

    Aqua Security enables enterprises to secure their container-based and cloud-native applications from development to production, accelerating container adoption and bridging the gap between DevOps and IT security.

    Aqua’s Container Security Platform provides full visibility into container activity, allowing organizations to detect and prevent suspicious activity and attacks, providing transparent, automated security while helping to enforce policy and simplify regulatory compliance.

Copyright © 2019 Aqua Security Software Ltd.