Secrets

Kubernetes 1.10 was officially released recently, with many new enhancements and improvements. This version of Kubernetes, which is lighter on the security side compared to the recent 1.9 and 1.8 releases that were very security focused, offers several new worthy security related features.

Today’s #1 Attack: Zero-day exploits of new and previously unknown vulnerability in apps and OSs

Container Security Top Challenges: Lack of adequate and disparate security tools, vulnerabilities in images, and the need for granular access-control between containers

Last month at DockerCon Europe we learned that container adoption is rising to a whole new level with 24 billion container downloads and 77K% growth in Docker job listings. This is when Docker also announced that it now supports Kubernetes. Combine this with the recent news from The Cloud Native Computing …

Many of our customers run container workloads on AWS - hardly surprising given Amazon’s lead position in the cloud market. But AWS also offers some distinct advantages to those running containers, including a set of highly-integrated services that take the pain away from managing deployments.

This article was originally published in HelpNetSecurity.com

We are all aware of the risks introduced by good old third party code. Where would we be without it? Apparently not very far: It is estimated that between 30 to 70 percent of code comes from 3rd party applications. This is why we patch up old libraries …

We’re glad to announce version 2.5 of the Aqua Container Security Platform, which includes hundreds of improvements and new features. Our main focus has been on making the platform more scalable for our customer deployments, which include some of the world’s largest container setups.

One of the neat features of the Aqua Security solution is the ability to inject secrets into the environment of a running container, so that they never get written to disk. In this article I’m setting up an Aqua installation on Azure, using Kubernetes as the orchestrator and HashiCorp Vault as the secrets store, so …

Would you ever give your keys to a stranger? That’s exactly what someone at IBM did: they left private keys to the Docker host environment in IBM’s Data Science Experience service accessible to the outside world. Wayne Chang, security consultant who found this, explains in his original report:

In our many conversations with customers, secrets management has come up as a particularly thorny issue that seemed to lack an elegant, cross-platform solution for container environments. Not a new issue in the enterprise space, especially as pertains to large-scale DevOps environments, the challenges of managing …