Yesterday more than 300 cloud native professionals assembled for KubeSec, what has now become a fixture as a “day zero” event for KubeCon/CloudNativeCon. As with previous events, the emphasis was on end-user organizations’ experiences in securing production environments. While many technical aspects and best …
November 14, 2019
A CloudSploit Case Study: Trek10's Three AWS Cloud Security Concerns & One Solution
With all the security breaches that occurred on AWS in 2017, be they caused by poorly managed Amazon S3 permissions to inadequate security group configurations, we have seen that no company or government agency is above making simple mistakes. This post will explain three areas of security we’ve noticed many AWS …
IT spend on public cloud will more than double by 2023 (IDC) and hybrid multi-clouds will soon be the more common environment for enterprises. The benefits of using cloud infrastructure including the ability to scale, ease of use and speed of application delivery are too attractive to ignore, however, the …
This week at Velocity Berlin, I’ll be giving a talk called A Beginner’s Guide to eBPF. To coincide with it, we’re opening up a new Aqua Security open source project called Tracee, which uses eBPF to trace events in containers. This isn’t something that most developers need to do on a day-to-day basis, but for those …
Managing a growing number of systems and applications can be complicated and time consuming, making it particularly important to find a way to centralize and optimize your data. As a result, AWS has recently released FireLens which, working with Fluentd and Fluent Bit, allows you to route your logs to a large …
We have enhanced our Cloud Native Security Platform (CSP) by adding Cloud VM protection capabilities for VMs that are not running container workloads. Aqua now provides a full-stack security solution across all workload types: VMs, containers, and serverless functions, for both Linux and Windows VMs.
Many of you may be familiar with the shift left security approach in which security is built in at an early stage of the application development life cycle. It is easier and more effective to do it early, rather than discover security issues later in the game, when applications are already deployed. When issues are …
On Monday, “day 0” of this year’s KubeCon/CloudNativeCon, we held our first KubeSec Enterprise Summit event, co-located with KubeCon under the auspices of the CNCF. Aqua hosted the event together with our partners Red Hat and AWS. The event was over-subscribed, and we had to make special allowance for late …
Amazon’s managed Kubernetes service, EKS, recently went GA. Here are a few things I learnt spinning up an EKS cluster for the first time, and running the kube-bench tests on it.