Aqua Blog

Secrets

Kubernetes Secrets

Protecting Kubernetes Secrets: A Practical Guide

While secrets are critical for the operation of production systems, exposing those secrets puts those systems at risk. Kubernetes does not provide robust mechanisms to encrypt, manage, and share secrets across a Kubernetes cluster. You will probably leverage secrets management solutions like Vault, but you’ll …

Continue reading ›
Kubernetes 1.10 Release Security

Kubernetes 1.10: What’s New in Security

Kubernetes 1.10 was officially released recently, with many new enhancements and improvements. This version of Kubernetes, which is lighter on the security side compared to the recent 1.9 and 1.8 releases that were very security focused, offers several new worthy security related features.

Continue reading ›
Protecting Hybrid-Cloud Workloads Lessons from ESG Survey

Protecting Hybrid-Cloud Workloads? Lessons from ESG Survey

Today’s #1 Attack: Zero-day exploits of new and previously unknown vulnerability in apps and OSs

Container Security Top Challenges: Lack of adequate and disparate security tools, vulnerabilities in images, and the need for granular access-control between containers

Continue reading ›
Container Security in The Enterprise Survey

Survey: Detecting Vulnerabilities in Images and Managing Secrets

Last month at DockerCon Europe we learned that container adoption is rising to a whole new level with 24 billion container downloads and 77K% growth in Docker job listings. This is when Docker also announced that it now supports Kubernetes. Combine this with the recent news from The Cloud Native Computing …

Continue reading ›
blog_AWS.png

Securing Container Workloads on AWS with Aqua

Many of our customers run container workloads on AWS - hardly surprising given Amazon’s lead position in the cloud market. But AWS also offers some distinct advantages to those running containers, including a set of highly-integrated services that take the pain away from managing deployments.

Continue reading ›
Container secrets (2).png

Keys, Tokens and Too Much Trust Found in Popular Container Images

This article was originally published in HelpNetSecurity.com

We are all aware of the risks introduced by good old third party code. Where would we be without it? Apparently not very far: It is estimated that between 30 to 70 percent of code comes from 3rd party applications. This is why we patch up old libraries …

Continue reading ›
Multi Tenancy

Announcing Aqua CSP 2.5: Multi-Tenant Security Management for Containers

We’re glad to announce version 2.5 of the Aqua Container Security Platform, which includes hundreds of improvements and new features. Our main focus has been on making the platform more scalable for our customer deployments, which include some of the world’s largest container setups.

Continue reading ›
Injecting Secrets with HashiCorp Vault and Container security on Azure

Injecting Secrets - Kubernetes,  HashiCorp Vault and Aqua on Azure

One of the neat features of the Aqua Security solution is the ability to inject secrets into the environment of a running container, so that they never get written to disk. In this article I’m setting up an Aqua installation on Azure, using Kubernetes as the orchestrator and HashiCorp Vault as the secrets store, so …

Continue reading ›
Keys_IBM_flaw.png

Don't Leave Your Keys Exposed: Lessons from IBM Privilege Escalation Flaw

Would you ever give your keys to a stranger? That’s exactly what someone at IBM did: they left private keys to the Docker host environment in IBM’s Data Science Experience service accessible to the outside world. Wayne Chang, security consultant who found this, explains in his original report:

Continue reading ›
blog-secrets-2.png

The Challenges of Docker Secrets Management

In our many conversations with customers, Docker secrets management has come up as a particularly thorny issue that seemed to lack an elegant, cross-platform solution for container environments. Not a new issue in the enterprise space, especially as pertains to large-scale DevOps environments, the challenges of …

Continue reading ›