While secrets are critical for the operation of production systems, exposing those secrets puts those systems at risk. Kubernetes does not provide robust mechanisms to encrypt, manage, and share secrets across a Kubernetes cluster. You will probably leverage secrets management solutions like Vault, but you’ll …
Kubernetes 1.10 was officially released recently, with many new enhancements and improvements. This version of Kubernetes, which is lighter on the security side than the recent, very security-focused 1.9 and 1.8 releases, offers several new, noteworthy security-related features.
Today’s #1 Attack: Zero-day exploits of new and previously unknown vulnerabilities in apps and OSs
Container Security Top Challenges: Lack of adequate and disparate security tools, vulnerabilities in images, and the need for granular access-control between containers
Last month at DockerCon Europe we learned that container adoption is rising to a whole new level with 24 billion container downloads and 77K% growth in Docker job listings. This is when Docker also announced that it now supports Kubernetes. Combine this with the recent news from The Cloud Native Computing …
Many of our customers run container workloads on AWS - hardly surprising given Amazon’s lead position in the cloud market. But AWS also offers some distinct advantages to those running containers, including a set of highly-integrated services that take the pain away from managing deployments.
This article was originally published in HelpNetSecurity.com
We are all aware of the risks introduced by good old third-party code. Where would we be without it? Apparently not very far: It is estimated that between 30 and 70 percent of code comes from third-party applications. This is why we patch up old libraries …
We’re glad to announce version 2.5 of the Aqua Container Security Platform, which includes hundreds of improvements and new features. Our main focus has been on making the platform more scalable for our customer deployments, which include some of the world’s largest container setups.
One of the neat features of the Aqua Security solution is the ability to inject secrets into the environment of a running container, so that they never get written to disk. In this article I’m setting up an Aqua installation on Azure, using Kubernetes as the orchestrator and HashiCorp Vault as the secrets store, so …
Would you ever give your keys to a stranger? That’s exactly what someone at IBM did: they left private keys to the Docker host environment in IBM’s Data Science Experience service accessible to the outside world. Wayne Chang, the security consultant who found this, explains in his original report:
In our many conversations with customers, Docker secrets management has come up as a particularly thorny issue that seemed to lack an elegant, cross-platform solution for container environments. Not a new issue in the enterprise space, especially as it pertains to large-scale DevOps environments, the challenges of …