Cloud Native Security, Container Security & Serverless Security Sun, 15 Jun 2025 15:50:21 +0000 en-US hourly 1 https://wordpress.org/?v=6.9.4 https://www.aquasec.com/blog/gartner-cto-top-10-to-know-container-kubernetes-security/ Mon, 16 Jun 2025 11:00:24 +0000 https://www.aquasec.com/?p=25727 In the new Gartner Top 10 FAQs for CTOs on container and Kubernetes infrastructure report, there’s a strategic planning assumption that “by 2029, more than 95% of global organizations will be running containerized applications in production, which is a significant increase from less than 50% in 2023.” So is that it? Will container and Kubernetes …]]> https://www.aquasec.com/blog/kubernetes-history-how-it-conquered-cloud-native-orchestration/ Thu, 25 Jul 2024 04:13:34 +0000 https://www.aquasec.com/?p=21211 Did you know that Kubernetes originally had no built-in features for managing user permissions, or that support for storing data persistently didn’t appear until Kubernetes was four years old? If not, you might enjoy a dive into the history of Kubernetes on the tenth anniversary of the open source container orchestration system. This article highlights …]]> https://www.aquasec.com/blog/managing-kubernetes-secrets/ Mon, 15 Apr 2024 12:27:00 +0000 https://www.aquasec.com/?p=15886 If you deploy applications using Kubernetes – a platform that 96 percent of companies today report either using or considering – you’ll inevitably need to manage secrets securely inside Kubernetes. In some ways, this is a challenging task. Although Kubernetes provides some built-in capabilities to help manage secrets securely, these features have their limitations – …]]> https://www.aquasec.com/blog/introducing-kbom-kubernetes-bill-of-materials/ Thu, 29 Jun 2023 08:57:48 +0000 https://www.aquasec.com/?p=14376 SBOM (Software Bill of Materials) is an accepted best practice to map the components and dependencies of your applications in order to better understand your applications’ risks. SBOMs are used as a basis for vulnerability assessment, licensing compliance, and more. There are plenty of available tools, such as Aqua Trivy, that help you easily generate …]]> https://www.aquasec.com/blog/kubernetes-version-1-26-an-overview/ Thu, 08 Dec 2022 15:00:00 +0000 https://www.aquasec.com/?p=14533 Kubernetes Version 1.26 was released with 37 new enhancements including 11 Stable, 10 Beta, 16 Alpha, and 12 features deprecated or removed. In this blog, we will highlight its most notable features and show how using Trivy will help you find deprecated Kubernetes resources. registry.k8s.io, Generally Available The container image registry has changed from k8s.gcr.io …]]> https://www.aquasec.com/blog/amazon-eks-anywhere/ Wed, 29 Jun 2022 12:45:00 +0000 https://www.aquasec.com/?p=14745 With the release of Amazon EKS Anywhere (EKS-A) Bare Metal, Amazon Web Services has expanded the choices of infrastructure to deploy EKS Anywhere clusters using on-premise bare metal servers as a deployment target. In support of this, Aqua has worked to ensure that as customers adopt EKS Anywhere to automate Kubernetes cluster lifecycle management for …]]> https://www.aquasec.com/blog/kubernetes-1-24/ Mon, 25 Apr 2022 09:30:00 +0000 https://www.aquasec.com/?p=14831 With another Kubernetes release upon us, there are, as ever, a load of new features to consider. These include features to help companies use Windows containers securely and improvements in Kubernetes’ supply chain security. In this post, we’ll take a look at some of the more significant features of this release. Dockershim deprecation Undoubtedly, the …]]> https://www.aquasec.com/blog/kubernetes-rbac-privilige-escalation/ Wed, 06 Apr 2022 09:30:00 +0000 https://www.aquasec.com/?p=14889 Following on from our previous post on the risks of privilege escalation in Kubernetes via the node/proxy resource, we’re going to take a look at how users who have rights to the certificate signing request (CSR) API in Kubernetes might be able to use them to escalate their privileges in a cluster. In addition to …]]> https://www.aquasec.com/blog/privilege-escalation-kubernetes-rbac/ Thu, 03 Mar 2022 11:30:00 +0000 https://www.aquasec.com/?p=14960 One of the side effects of Kubernetes’ rich API and extensive functionality is that sometimes there are security implications to granting users permissions. Security architects should be aware of these side effects when designing platforms that use Kubernetes. In recent research with Iain Smart of NCC Group, we looked at how granting rights to node/proxy …]]> https://www.aquasec.com/blog/zero-trust-kubernetes/ Wed, 16 Feb 2022 12:55:59 +0000 https://www.aquasec.com/?p=14964 In late January, the White House published a memo that lays the groundwork for creating a zero-trust architecture for federal agencies. With renewed attention from the US government, zero-trust networking is an area that many organizations are focusing on to improve their security posture. With that focus, it makes sense to understand where these principles …]]>