Kube-Bench is one of the many an open source Kubernetes security tools that checks if your Kubernetes deployment meets the security benchmarks provided by CIS. As the name suggests, Kube-hunter hunts for security threats in Kubernetes. It enables administrators to address the issues before attackers exploit them.
As DevOps matured within organizations, the process became efficient and fast, but security ended up falling to the wayside. In this article, Gary Stevens explains why security is infiltrating DevOps and how the growth of DevSecOps creates a noticeable drop in the rate of data and security breaches.
A new Gartner report covering Containers and Kubernetes in Production, Aqua 4.0 enhances serverless security, Rancher introducing K3s, Runc Vulnerability still lingering, KubeSec 2019 Call-for-Paper, new Kubernetes API server vulnerability, 451 business brief about Cloud native security and more
Rani Osnat, vice president of product marketing for Aqua Security, says the platform now provides same level of support for functions running on a serverless computing framework and longer-running containers. The challenge with securing serverless computing frameworks is that no standard has emerged, so vendors such as Aqua Security need to navigate all the nuances […]
Aqua enables security teams to manage and enforce security policies across a blend of VM-based containers, Containers-as-a-Service (CaaS) and Function-as-a-Service (FaaS) spanning both multi-cloud and on-premises environments.
Aqua’s comprehensive serverless security solution now includes a full chain of controls to discover functions across multiple cloud accounts, scan them for vulnerabilities, detect excessive permissions and configuration issues, and provide function assurance – preventing the execution of untrusted or high-risk functions based on defined policies.
“The new technologies supporting cloud native applications require a holistic approach to security and compliance, across the application lifecycle as well as up and down the stack, and this has become more evident in recent months with significant vulnerabilities discovered in Kubernetes and runc for example,” notes Amir Jerbi, CTO and co-founder at Aqua Security. […]
Aqua Security: This tool is ideal to manage end-to-end DevSecOps pipeline security. It has very tight runtime security processes and controls in place. It offers full control over the containerized environment and prevents any intrusion or vulnerability across the pipeline.