Aqua Blog

Secrets

Aqua CyberArk Conjur Certification: Making DevSecOps Easier

Aqua Security is excited to announce that our newly certified integration with CyberArk Conjur Secrets Manager for both Conjur Secrets Manager Enterprise and Conjur Secrets Manager Open Source is now available in the CyberArk Marketplace. This integration makes it even easier for Aqua Security customers to inject …

Why You Shouldn’t Use Config Maps to Store Sensitive Data in K8s

One of the challenges of managing containerized environments is how to store sensitive information that’s needed for the operation of the applications running in those environments. Kubernetes provides a built-in secrets object type, but a common comment about them is that, from a technical standpoint, they’re just …

Kubernetes Secrets: How to Create, Use, and Secure Them

Kubernetes applications frequently need access to confidential information like API keys or database credentials. Storing this data directly in container images or environment variables is not advisable and can create severe security risks. 

Kubernetes 1.10: What’s New in Security

Kubernetes 1.10 was officially released recently, with many new enhancements and improvements. This version of Kubernetes, which is lighter on the security side compared to the recent 1.9 and 1.8 releases that were very security focused, offers several new worthy security related features.

Protecting Hybrid-Cloud Workloads? Lessons from ESG Survey

Today’s #1 Attack: Zero-day exploits of new and previously unknown vulnerabilities in apps and OSs

Container Security Top Challenges: Lack of adequate and disparate security tools, vulnerabilities in images, and the need for granular access-control between containers

Survey: Detecting Vulnerabilities in Images and Managing Secrets

Last month at DockerCon Europe we learned that container adoption is rising to a whole new level with 24 billion container downloads and 77K% growth in Docker job listings. This is when Docker also announced that it now supports Kubernetes. Combine this with the recent news from The Cloud Native Computing Foundation …

Securing Container Workloads on AWS with Aqua

Many of our customers run container workloads on AWS - hardly surprising given Amazon’s lead position in the cloud market. But AWS also offers some distinct advantages to those running containers, including a set of highly-integrated services that take the pain away from managing deployments.

Keys, Tokens and Too Much Trust Found in Popular Container Images

This article was originally published in HelpNetSecurity.com

We are all aware of the risks introduced by good old third party code. Where would we be without it? Apparently not very far: It is estimated that between 30 and 70 percent of code comes from 3rd party applications. This is why we patch up old libraries and …

Announcing Aqua CSP 2.5: Multi-Tenant Security Management for Containers

We’re glad to announce version 2.5 of the Aqua Container Security Platform, which includes hundreds of improvements and new features. Our main focus has been on making the platform more scalable for our customer deployments, which include some of the world’s largest container setups.

Injecting Secrets - Kubernetes, HashiCorp Vault and Aqua on Azure

One of the neat features of the Aqua Security solution is the ability to inject secrets into the environment of a running container, so that they never get written to disk. In this article I’m setting up an Aqua installation on Azure, using Kubernetes as the orchestrator and HashiCorp Vault as the secrets store, so …

Don't Leave Your Keys Exposed: Lessons from IBM Privilege Escalation Flaw

Would you ever give your keys to a stranger? That’s exactly what someone at IBM did: they left private keys to the Docker host environment in IBM’s Data Science Experience service accessible to the outside world. Wayne Chang, security consultant who found this, explains in his original report:
