Aqua’s Team Nautilus has uncovered a container image that, for the first time, allows bad actors to find and exploit vulnerabilities in Kubernetes clusters. The attackers propagate this malware through a Docker Hub lookalike account intended to dupe developers into downloading malicious images. To the best of our …
Although Kubernetes has certainly matured into a well-adopted container orchestrator platform, it remains complex to manage and secure. Coupling this with a growing attack surface and bad actors trying to exploit it, organizations must implement a comprehensive approach to securing their K8s applications. Aqua aims …
The use of object labels has grown into an industry best practice, as labels allow you to apply metadata to objects like images, deployments, containers, volumes, networks, and more. They can be short and technical, but they can also be more descriptive. However, even with the use of automation for creating labels, …
Back in June 2020, we released Starboard – an open source toolkit that integrates security tools into a Kubernetes environment. We’re now happy to announce a new Starboard Operator that automates the generation of security reports in your K8s cluster. Using Starboard Operator, you can rely on the tools you’re …
With the rapid adoption of Kubernetes, an unforeseen consequence has emerged — there simply aren’t enough trained K8s experts to go around, let alone K8s security experts. Kubernetes environments have increased in size and complexity, expanding its attack surface, and ultimately heightening its susceptibility to …
We have some exciting news about two new features in Tracee, Aqua’s open source container and system tracing utility. Now, Tracee is much more than just a system call tracer, it’s a powerful tool that can be used to perform forensic investigations and dynamic analysis of binaries – both are incredibly useful when …
If you’re running workloads on Kubernetes, one of the toughest things to understand is where you have security gaps. Yes, there are CIS benchmarks and configurations to tweak, but they are generalized and won’t highlight the risks in workloads that are actually running in your clusters. The Aqua Risk Explorer’s …
There are lots of security tools in the cloud native world, created by Aqua and by others, for identifying and informing users about security issues in Kubernetes environments. However powerful and useful they might be, they tend to sit alongside Kubernetes, with each new product requiring users to learn a separate …
osquery is a SQL powered operating system instrumentation, monitoring, and analytics tool that exposes an operating system as a relational database. Using SQL, you can run queries to gain the status of your entire infrastructure. What’s cool about osquery is how easy it is to use the SQL query interface. kube-query …
Kubernetes 1.17 is here, and includes new features, fixes, and improvements. In this post, we will focus on several new features that Kubernetes 1.17 offers, including the Topology Aware Service routing, the Pod shared PID Namespace, scalability improvements by a new endpoint API, and more.
Yesterday more than 300 cloud native professionals assembled for KubeSec, what has now become a fixture as a “day zero” event for KubeCon/CloudNativeCon. As with previous events, the emphasis was on end-user organizations’ experiences in securing production environments. While many technical aspects and best …