Aqua Blog

Cloud compliance

CVE-2019-14287 sudo Vulnerability Allows Bypass of User Restrictions

A new vulnerability was discovered earlier this week in the sudo package. Sudo is one of the most powerful and commonly used utilities installed on almost every UNIX and Linux-based operating system.

Security Configuration Benchmarks for Kubernetes

When you’re running Kubernetes, how do you know whether it’s configured securely? Kubernetes is a complex system, with several control plane components, each of which has numerous configuration parameters. In some cases, it’s clear that a parameter will have an impact on Kubernetes security – for example, providing …

“Thin OS” Security for Container Hosts

In the spectrum of deployment options available for cloud native applications, the most widely used option, at least presently, is running containers on VMs that use the Linux operating system (or less frequently, bare-metal servers running Linux).

Out-of-the-Box Policies Simplify Container Compliance

One of the challenges organizations have in using cloud native technologies is in figuring out how compliance requirements translate into actionable control points. Most regulations predate containers and serverless technologies and don’t have specific articles governing the use of such technologies.

We recently …

Kubernetes Security Deep-Dive

Since the second half of 2017, Kubernetes has been gaining momentum in adoption as well as in its ecosystem support. We see more and more enterprises choosing Kubernetes for the orchestration of their cloud native deployments. This is in no small part thanks to the many enterprise-grade features added in versions 1.8 …

Preparing Container-Based Applications for GDPR: What You Need to Know

The General Data Protection Regulation (GDPR), set to replace the European Data Protection Directive 95/46/EC, comes into effect in May 2018. GDPR is intended to protect the privacy of EU citizens, and give regulatory bodies the power to act against non-compliant organizations. It affects member states in the EU, but …

Container Governance Using Aqua Security and Google Grafeas

Securing software supply chains requires strong governance and rich data, both to help ensure that only approved components are executed on production machines.

Protecting PII in Container Environments for PCI and GDPR Compliance

The term Personally Identifiable Information (PII) will be familiar to organizations who are required to comply with regulatory standards such as PCI-DSS.

NIST Special Publication 800-122[4] defines PII as "any information about an individual maintained by an agency, including (1) any information that can be used to …

Why Container Security Matters for PCI Compliant Organizations

The PCI Data Security Standard is no news. Any entity that collects, holds or processes credit card information is obliged by this standard. What is new is the adoption of containers for production applications that may directly impact PCI compliance. With a 40% increase in Docker adoption in one year, containers …

Kube-Bench: An Open Source Tool for Running Kubernetes CIS Benchmark Tests

The Center for Internet Security provides a number of guidelines and benchmark tests for best practices in securing your code. As Michael Cherny recently described, the CIS has recently published a benchmark for Kubernetes, and now we’re pleased to tell you about our new open source implementation of these tests:

HIPAA Compliance for Containers: Impact Analysis and Best Practices

Since 1996, the HIPAA act has mandated how personal health information (PHI) should be secured and protected from prying eyes. HIPAA requirements changed how companies in the healthcare industry treat patient data, as well as the processes governing it, the applications that handle it, and the infrastructure that runs …
