Aqua News

Tsvi Korren, chief solutions architect at Aqua Security, also agrees that the security standards need to be the same, regardless of whether an organization wrote its own code or is using some open-source component. “It doesn’t really matter if you write your own code or you get pre-compiled components or code snippets or just libraries, …

“Multi-cloud and hybrid cloud are gaining momentum on the enterprise CIO agenda, not just to avoid cloud provider lock-in, but as a strategy to push their organizations into a permanent mindset of cloud-native agility and flexibility,” says Amir Jerbi, CTO at Aqua Security. “Containers, being portable by nature, are a pivotal component in making that transition …

It’s widely recognized that Kubernetes has become the de facto standard for container orchestration. Just look at all the technology companies that are supporting Kubernetes in one way or another. It’s pretty clear the decision has been made to embrace Kubernetes. Aqua Security has thrown its hat into the ring with Kubernetes, through a series …

The security problems are the same as they always have been: vulnerable software being deployed—the traditional Meltdowns and Heartbleeds and ShellShocks—those kinds of vulnerabilities in software that get published and attackers find out about them. If you don’t have the tooling in place to secure all those instances, and attackers continue to look for the …

Containers can amplify kernel threats by sharing the same kernel and host. Poor container maintenance can expose IT environments to a higher risk of penetration. And unverified container images can be an invitation to malicious actors. Many risks can be reduced, however, if security considerations are baked into the container development process and the responsibility …

Amir Jerbi, CTO at Aqua Security, suggests explaining cloud-native as an app for booking airline flights. “As a cloud-native app, our flight booking app can run equally well on [public clouds] or private infrastructure. We can also update very specific features, fix small bugs, [and other needs] only by swapping out specific microservices components, with no …

IT organizations that have embraced Pivotal Cloud Foundry (PKS) now can download container security software from Aqua Security to scan containers running on the platform-as-a-service (PaaS) environment for vulnerabilities. Now generally available on the Pivotal Network, Aqua Security for PKS automatically scan application or container artifacts for known vulnerabilities based on a security intelligence feeds.

In this DevOps Chat we sit down with Rani Osnat and Andy Feit of Aqua Security to discuss what is happening in the container security market. The entire container space is of course exploding with this year’s North American KubeCon in Seattle shaping up to be a blockbuster event (https://events.linuxfoundation.org/events/kubecon-cloudnativecon-north-america-2018/)