Aqua Blog

Nano-Segmentation

Security Best Practices for Kubernetes: Redux

Security Best Practices for Kubernetes: Redux

Last week I presented at the NY Kubernetes meetup on security best practices. 

Continue reading ›
Don't Leave Your Keys Exposed: Lessons from IBM Privilege Escalation Flaw

Don't Leave Your Keys Exposed: Lessons from IBM Privilege Escalation Flaw

Would you ever give your keys to a stranger? That’s exactly what someone at IBM did: they left private keys to the Docker host environment in IBM’s Data Science Experience service accessible to the outside world. Wayne Chang, security consultant who found this, explains in his original report:

Continue reading ›
Network Nano-Segmentation for Container Security

Network Nano-Segmentation for Container Security

Network segmentation is not a new concept in security. It’s been around for a while and is considered one of the most effective methods of limiting the “blast radius”, i.e., preventing extensive damage in case of an attack or a breach by limiting the attacker to a sealed-off segment of the network. In the era of APTs …

Continue reading ›