In support of Amazon’s announcement this week at re:Invent surrounding the new AWS Container Marketplace, we’ve made the Aqua Container Security Platform available for on-demand consumption (pay as you go), via the newly minted AWS Container category in the Marketplace. 

We have several new listings in the AWS …

Containers make it very easy to package and deliver applications, so it’s not surprising that many ISVs (Independent Software Providers) are leading the trend of packaging their software, whether it’s commercial off-the-shelf (COTS) or custom-developed code, as container images. These images are then fed into the …

Gartner recently released a Technical Professional Advice report titled Container Security -- From Image Analysis to Network Segmentation, Options Are Maturing* (by Joerg Fritsch and Michael Isbitski, 28 August 2018), with a detailed analysis of the space, including open source tools and commercial solutions.

We're …

We just released a new free tool called kube-hunter. You give it the IP or DNS name of your Kubernetes cluster, and kube-hunter probes for security issues - it’s like automated penetration testing. 

Good news for those of you running container workloads on GCP - we now provide a nice integration with Google's Cloud Security Command Center. The Cloud SCC provides a centralized, single-pane-of-glass view of all security data for GCP applications, and providing actionable insights. It includes things like access …

In late 2016 we enlisted the help of security analysts and thought leaders Securosis to perform an in-depth best practices analysis of what companies should do to build a security program around containers. In the 14 months that passed, many things have evolved in the container (and now, cloud-native) ecosystem. So …

Today’s #1 Attack: Zero-day exploits of new and previously unknown vulnerability in apps and OSs

Container Security Top Challenges: Lack of adequate and disparate security tools, vulnerabilities in images, and the need for granular access-control between containers

This isn't a story about a Docker vulnerability; it's a story about how hackers are looking for unsecured Docker deployments where they can mine cryptocurrency. You shouldn't leave your Docker daemon unsecured  any more than you would leave your mail server unsecured.

We’ve heard many accounts of attempted …

About Meltdown and Spectre

Following the trend of ‘branding’ vulnerabilities, Meltdown and Spectre vulnerabilities (CVE-2017-5754, CVE-2017-5753, and CVE-2017-5715) are ‘brand’ names given to currently known variants of vulnerabilities of a similar nature, related to speculative execution. The general idea is …

It’s been less than a year since we announced our Series A round led by Microsoft, and what a year it’s been!