Aqua Blog
Experts insight, best practices and advice on cloud native security, trends, threat intelligence and compliance
Istio Security

Istio: Canary Deployments, Dynamic Routing & Tracing

In this series of blog posts we had an introduction to Istio, and an overview of its security features. This post completes the series with a look at how we can leverage Istio’s traffic control features to provide increased observability and …

Continue reading ›
featured_kubesec_blog.png

Impressions from KubeSec, The First Enterprise Kubernetes Security Summit

On Monday, “day 0” of this year’s KubeCon/CloudNativeCon, we held our first KubeSec Enterprise Summit event, co-located with KubeCon under the auspices of the CNCF. Aqua hosted the event together with our partners Red Hat and AWS. The event was …

Continue reading ›
Istio-Security_BLOG650_315.png

Istio Security: Zero-Trust Networking

This is the second in our series of blog posts on Istio, and will focus on Istio’s security features: what they are, how they work and how they help protect your workloads and your data.

Building, deploying and maintaining secure, cloud native …

Continue reading ›
Severe-Privilege--BLOG-650_315.png

Severe Privilege Escalation Vulnerability in Kubernetes (CVE-2018-1002105)

Earlier this week, a severe vulnerability in Kubernetes (CVE-2018-1002105) was disclosed that allows an unauthenticated user to perform privilege escalation and gain full admin privileges on a cluster. The CVE was given the high severity score of …

Continue reading ›
Kubernetes security

Enterprise Kubernetes Security at KubeCon + CloudNativeCon

KubeCon + CloudNativeCon North America is just around the corner, and looks like it is going to break attendance records, becoming the largest gathering of the Kubernetes and cloud native community ever!

Such massive adoption by large …

Continue reading ›
PCF Security

Security for Pivotal PAS and PKS

“When will Aqua support Pivotal Container Service (PKS)?” has become a recurring theme since we announced Aqua Security Scanner for PCF last spring. It seems many, many Pivotal Cloud Foundry PaaS customers are testing PKS, and more than a few are …

Continue reading ›
Kubernetes security

Kube-hunter - an open source tool for Kubernetes penetration testing

We just released a new free tool called kube-hunter. You give it the IP or DNS name of your Kubernetes cluster, and kube-hunter probes for security issues - it’s like automated penetration testing. 

Continue reading ›
Kubernetes Security

Aqua’s Consumption-Based Container Runtime Security Solution on GCP Marketplace

We’re pleased to announce that the Aqua Container Security Platform is now available on the Google Cloud Marketplace. This is the industry’s first consumption-based security solution for containers, enabled for Kubernetes, providing full …

Continue reading ›
AWS EKS Container Security

Creating and Securing an EKS Cluster: First Steps

Amazon’s managed Kubernetes service, EKS, recently went GA. Here are a few things I learnt spinning up an EKS cluster for the first time, and running the kube-bench tests on it.

Continue reading ›
Kubernetes Security AWS EKS

Securing Kubernetes Deployments on Amazon EKS with Aqua

AWS made its Elastic Container Services for Kubernetes (EKS) generally available today. We at Aqua had access to the preview version for some time, which allowed us to ensure that our container security platform works with EKS to provide its full …

Continue reading ›
Docker Networking and Kubernetes Networking Tools

Popular Docker Networking and Kubernetes Networking Tools

In a previous post, we explored six tools for storing data for Docker containers. Another challenge in container environments is getting containers to network in a consistent and secure manner - especially as container workloads may appear on …

Continue reading ›