In the spectrum of deployment options available for cloud native applications, the most widely used option, at least presently, is running containers on VMs that use the Linux operating system (or less frequently, bare-metal servers running …
Containers make it very easy to package and deliver applications, so it’s not surprising that many ISVs (Independent Software Providers) are leading the trend of packaging their software, whether it’s commercial off-the-shelf (COTS) or …
Gartner recently released a Technical Professional Advice report titled Container Security -- From Image Analysis to Network Segmentation, Options Are Maturing* (by Joerg Fritsch and Michael Isbitski, 28 August 2018), with a detailed analysis of …
“When will Aqua support Pivotal Container Service (PKS)?” has become a recurring theme since we announced Aqua Security Scanner for PCF last spring. It seems many, many Pivotal Cloud Foundry PaaS customers are testing PKS, and more than a few are …
Cloud-native workloads terminology is used a lot these days to describe new technologies and deployment models of applications in the cloud universe. Serverless is a notable example of such cloud-native-workloads: it prioritizes simplicity and …
We just released a new free tool called kube-hunter. You give it the IP or DNS name of your Kubernetes cluster, and kube-hunter probes for security issues - it’s like automated penetration testing.
One of the challenges organizations have in using cloud-native technologies is in figuring out how compliance requirements translate into actionable control points. Most regulations predate containers and serverless technologies and don’t have …
Recently, IBM researchers weighed in on container isolation, having developed an algorithm for measuring how well it works, and reached the conclusion that "a Docker container with a well crafted seccomp profile (which blocks unexpected system …
We’re pleased to announce that the Aqua Container Security Platform is now available on the Google Cloud Marketplace. This is the industry’s first consumption-based security solution for containers, enabled for Kubernetes, providing full …
A few months ago we launched the Aqua MicroEnforcer, the first solution for providing runtime protection to a container running in Containers-as-a-Service platforms like AWS Fargate or Azure Container Instances. The mechanism I wrote about at the …
Amazon’s managed Kubernetes service, EKS, recently went GA. Here are a few things I learnt spinning up an EKS cluster for the first time, and running the kube-bench tests on it.