Aqua Blog
Experts insight, best practices and advice on cloud native security, trends, threat intelligence and compliance
Kubernetes security

Kube-hunter - an open source tool for Kubernetes penetration testing

We just released a new free tool called kube-hunter. You give it the IP or DNS name of your Kubernetes cluster, and kube-hunter probes for security issues - it’s like automated penetration testing. 

Continue reading ›
SystemCalls_Profiling_BLOG-315_650.png

Aqua 3.2: Preventing Container Breakouts with Dynamic System Call Profiling

Recently, IBM researchers weighed in on container isolation, having developed an algorithm for measuring how well it works, and reached the conclusion that "a Docker container with a well crafted seccomp profile (which blocks unexpected system calls) provides roughly equivalent security to a hypervisor."

Continue reading ›