Chat with us, powered by LiveChat

Aqua News

Container security

Shift Up: New Security Considerations for Containers-as-a-Service and Serverless Architectures

September 23, 2018

Shifting left does not address the fact that deploying containers and migrating to cloud-native environments also necessitates the security team to“shift up” to focus on its new priority: protecting the application tier.

Read more ›

Container Security Best practices

Containers under attack: What your app sec team needs to know

September 5, 2018

“The attacks are generally not on the containers themselves, but on the applications running in them. The developer is installing all the software pieces in the container, and, because of that, the applications themselves are running with less hardening.” says Amir Jerbi, CTO at Aqua Security.

Read more ›

Secure Devops

The thin host to serverless model is radically realigning your security responsibilities

September 4, 2018

As you move more containers into production, you’ll discover that running containers on virtual machines requires only a minimal or “Thin OS”, which makes securing the operating system on the host level easier. You no longer need to leverage many of the other capabilities that enterprise-grade Linux provides, such as RHEL. Instead, you’ll use a […]

Read more ›

Container security

Introducing kube-hunter: an Open Source Tool for Discovering Security Issues in Kubernetes Clusters

September 2, 2018

Aqua Security has been actively participating in the open source community around Kubernetes security, including contributing significantly to the kube-bench project. We have followed that up with the release of the kube-hunter project, named for its ability to hunt for security weaknesses in Kubernetes clusters. Kube-hunter enables Kubernetes administrators, operators and security teams to identify weaknesses in their deployments and […]

Read more ›

Cloud native security

How to explain containers in plain English

August 27, 2018

Amir Jerbi, CTO and co-founder at Aqua Security: “Containers are a way for developers to easily package and deliver applications, and for operations to easily run them anywhere in seconds, with no installation or setup necessary. They enable this by embedding all the code needed in the container and using a process called a container engine to run the […]

Read more ›

Aqua Security Open Sources Container Pen Test

August 24, 2018

The kube-hunter project augments the validation for Kubernetes deployments based on specifications developed by the Center for Internet Security (CIS) that are already provided via Aqua Security’s kube-bench project. Aqua Security is hoping that other organizations will contribute additional penetration tests to the project.

Read more ›

Container security

Container & DevSecOps Digest | July: K8s apps on GCP Marketplace; Aqua Security 3.2; Kubernetes 1.11; Helm 3; Lockheed Martin’s containers adoption story, and thoughts on Serverless

August 3, 2018

Kubernetes has become the de facto container orchestration standard, with version 1.11 released last month. Now Google launched the first Kubernetes app store in the GCP Marketplace, with Aqua as the only container security solution there, making it easy to automatically deploy our solution as an add-on in your GKE cluster. Read about this and […]

Read more ›

Container Security Platform

Five Security Defenses Every Containerized Application Needs

July 31, 2018

“Companies are now shifting to adding more security controls into the development and deployment pipeline,” said Aqua Security’s CTO Amir Jerbi. “As you’re shipping the container into production, there should be automatic checks around the security gate that will evaluate that all the components are fine, and no one has modified anything.”

Read more ›