Last month at DockerCon Europe we learned that container adoption is rising to a whole new level with 24 billion container downloads and 77K% growth in Docker job listings. This is when Docker also announced that it now supports Kubernetes. Combine this with the recent news from The Cloud Native Computing Foundation …
A “Stack Clash” is a vulnerability in the memory management of several operating systems, including Linux. It can be exploited by attackers to corrupt memory of a privileged process in order to execute arbitrary code.
“Wonderful, wonderful Copenhagen” goes the song, and I’d have to agree - it’s a lovely city. The team from Aqua arrived along with folks from across the container industry for Docker’s European conference, and found it very much to our liking.
Securing software supply chains requires strong governance and rich data, both to help ensure that only approved components are executed on production machines.
The newly released Kubernetes 1.8 is the third release this year, and shows great progress and maturity of the Kubernetes project. I’m happy that the community continues to make progress in several security-related areas that have been under development or in beta for a while, and are now officially released.
Many of our customers run container workloads on AWS - hardly surprising given Amazon’s lead position in the cloud market. But AWS also offers some distinct advantages to those running containers, including a set of highly-integrated services that take the pain away from managing deployments.
-profile-400-400-bluw.jpg?width=48&height=48&name=DrorDavidoff-Shirt-(77)-profile-400-400-bluw.jpg){kind=small}
It’s been less than a year since we announced our Series A round led by Microsoft, and what a year it’s been!
What are the chances that your name, address and social security number have been stolen? If you are an American citizen, the answer is ‘about 50/50’. The reason, perhaps not surprisingly, is a recent data breach. Records of 143M customers of Equifax, a large credit reporting company, were stolen.
We recently released the first prototype of Manifesto, a tool for storing metadata alongside a container image. Metadata can hold information about software that can change even if the software itself doesn’t, and we can use this information to create powerful automation tools.
Here at Aqua Security, we recently released an open source project to help container users manage the metadata associated with their container images. It’s called Manifesto, and it stores free-form metadata in the registry, alongside the images themselves.
Evangelists for DevSecOps integration are building interest in the discipline and providing an understanding of the power of using a DevSecOps approach. In this post we’ll look at the best, of the best, DevSecOps pioneers.