Aqua Blog

Kubernetes Security


Kubernetes Pod Security Policy Deprecation: All You Need to Know

To improve your Kubernetes security, you need to control and limit what pods can be created and deployed in your environment. For this, Kubernetes has provided a beta feature called Pod Security Policy (PSP), which soon will be deprecated and replaced with a standard called Pod Security Standards (PSS). In this …


Vulnerability Scanning for Kubernetes Applications: Why and How

If you’re looking to improve the security posture of your Kubernetes applications, you can get a lot of bang for your buck with vulnerability scanning. In this blog, I’ll talk about the fundamentals of scanning container images: how to pick a vulnerability scanner, when to use it in the application pipeline, and …


KubeSec Enterprise Online North America Kicks Off!

Looking for a great start to the year? We got you covered! For the fifth time, Aqua will host the KubeSec Enterprise Summit, an industry event entirely dedicated to the security of cloud native applications. While we’re looking forward to connecting with you all in-person again someday, we are also, as was the case …


Evaluating and Enforcing Least Privilege in Kubernetes with Aqua KSPM

This blog was co-authored with Maor Goldberg, Founder & CEO at Apolicy

Overly permissive defaults associated with roles and K8s subjects, such as service accounts, add risks to the attack surface of Kubernetes. And attempting to manually understand these risks and enforce least privilege rights in a Kubernetes …


Secure your Digital Transformation on Amazon EKS-Distro with Aqua

The cloud is fundamental for digital transformation, but for many organizations, a hybrid approach is preferred. This ideally allows you to use the very same foundational tools on-prem as your destination in the cloud. Well, now you can do just that with Amazon EKS-Distro (EKS-D), a new Kubernetes distribution that …


Which Kubernetes Management Platform is Right for You?

The adoption of Kubernetes has more than doubled since 2017 and continues to grow without any signs of slowing down. Over the last few years, the Kubernetes ecosystem has significantly matured, and we’ve seen a lot of consolidation in the market. It now spans a wide range of well-established cloud and on-premises …


Threat Alert: Market-First Container Image Built to Attack Kubernetes Clusters

Aqua’s Team Nautilus has uncovered a container image that, for the first time, allows bad actors to find and exploit vulnerabilities in Kubernetes clusters. The attackers propagate this malware through a Docker Hub lookalike account intended to dupe developers into downloading malicious images. To the best of our …


Security in KubeCon Europe 2020

This was first published by Carol Valencia on Medium 

In August, KubeCon EU 2020 took place. It was a new experience, considering that the event was remote for the first time. The quality and content of the speakers were great, a nice virtual conference to share knowledge and interact with others. There were lots …


Runtime Protection for K8s Workloads Using a Mutating Admission Controller

Although Kubernetes has certainly matured into a well-adopted container orchestrator platform, it remains complex to manage and secure. Coupling this with a growing attack surface and bad actors trying to exploit it, organizations must implement a comprehensive approach to securing their K8s applications. Aqua aims …


Taking Advantage of Object Labels while Controlling the Human Factor

The use of object labels has grown into an industry best practice, as labels allow you to apply metadata to objects like images, deployments, containers, volumes, networks, and more. They can be short and technical, but they can also be more descriptive. However, even with the use of automation for creating labels, …


Automating Kubernetes Security Reporting with Starboard Operator by Aqua

Back in June 2020, we released Starboard – an open source toolkit that integrates security tools into a Kubernetes environment. We’re now happy to announce a new Starboard Operator that automates the generation of security reports in your K8s cluster. Using Starboard Operator, you can rely on the tools you’re …
