hardening Aqua Security

Hardening Kubernetes Beyond NSA, CISA Guidance

Information security and data privacy in the cloud has an abysmal track record. Hardly a week goes by without some major cloud-powered security-related incident making the news. We, as a community, need ...
misconfigured Kubernetes security

Misconfigured Argo Workflows Expose K8s to Attack

With the use of Kubernetes growing rapidly among enterprises comes increased opportunities for attackers to exploit the popular container orchestration platform’s weaknesses in security. This week, security specialist Intezer has detected a ...
CNCF security secure Kubernetes

7 Principles of DevSecOps With Kubernetes

In my article, “9 Pillars of Engineering DevOps With Kubernetes,” I explain that continuous security is a core pillar of every well-engineered DevOps. As indicated in the white paper, “From the Node ...
kubernetes Accurics security

How Not To Use Kubernetes: 5 Failure Stories

I recently came across a helpful compilation of Kubernetes failure stories, a public list maintained by Henning Jacobs, a senior principal engineer at ZalandoTech. This community-driven project provides a comprehensive view of ...
Kubernetes Security Flaw

Insecure Defaults Remain a Threat for Kubernetes

Secure-by-default settings make it easier (and safer) to onboard cloud-native technologies. And, thankfully, most default security profiles and configurations are, often, quite solid. Take Istio, which is secure by default and built ...
stateful kubernetes k8s Kublr

K8s and Cloud Security: Compliance Just Ain’t Enough

Over just two years, breaches caused by cloud misconfigurations exposed 33.5 billion records and generated an estimated $5 trillion in damages. Amid rising cyberattacks and novel vulnerabilities, overlooking cloud and K8s security ...
Calico

Tigera Cloudifies Calico to Secure, Monitor Kubernetes

Tigera today launched a software-as-a-service (SaaS) edition of a platform for monitoring and securing Kubernetes environments based on its open source Project Calico network virtualization software. Previously, the company made available an ...
DevSecOps Kubernetes

Portshift Secures Kubernetes APIs

Portshift today unveiled an extension to its lineup of container security offerings to secure Kubernetes application programming interfaces (APIs). Zohar Kaufman, vice president of research and development for Portshift, says Extended Kubernetes ...
DevSecOps Kubernetes

VMware Acquires Octarine to Advance Kubernetes Security

VMware this week announced its intent to acquire Octarine, a provider of a namesake cybersecurity framework based on a service mesh for Kubernetes clusters. The Octarine service mesh not only segments network ...
unikernel Sumo Logic

Sumo Logic Bets on StackRox to Secure Kubernetes

StackRox’s Kubernetes Security Platform is helping keep Kubernetes instances more secure for Sumo Logic Once an organization decides to embrace containers and Kubernetes, it’s only a question of when cybersecurity issues will ...