Not rendering correctly? View this email as a web page here.
The Cyberthreat Defence Report highlights containers as the weakest link; Google announces Anthos; AWS App Mesh goes GA; KubeSec Enterprise Summit in Europe; Serverless security for AWS Lambda, and more.

In case you missed it, earlier this month, Aqua announced Series C funding of $62M led by top tier investor Insight Partners. This is a huge vote of confidence in Aqua's technology and market leadership, and we are more motivated than ever to continue innovating and providing our customers with the best security solution for their cloud native journey.

Container Security AWS App Mesh – Application-Level Networking for Cloud Applications AWS App Mesh helps you to run and monitor HTTP and TCP services at scale. You get a consistent way to route and monitor traffic, giving you insight into problems and the ability to re-route traffic after failures or code changes. More on the AWS blog ›
AWS service mesh Google Cloud flashes flower power in bid to realize 'write once, run anywhere' dream Those who recall the blandly branded Cloud Services Platform, which consisted of the managed Google Kubernetes Engine (GKE), GKE On-Prem and managed Istio, can forget that name and start saying Anthos. What's new is the ability to manage containerized workloads on other cloud providers like AWS and Azure. Read on The Register ›
Container Security The CyberEdge Group: Annual Cyberthreat Defense Report Highlights containers as one of the “weakest links” in IT security. “As the initial wave(s) of containerized applications transition from the Dev/Test environment into production, enterprises – if they haven’t already done so – will need to take a more strategic approach to container security. Continuing to rely on tactical, piecemeal efforts featuring too-great emphasis on vulnerability scanning will only erode many of the gains containers are meant to deliver. Get the Report ›
DevSecOps tools Turn DevOps into DevSecOps without sacrificing automation As DevOps matured within organizations, the process became efficient and fast, but security ended up falling to the wayside. In this article, Gary Stevens explains why security is infiltrating DevOps and how the growth of DevSecOps creates a noticeable drop in the rate of data and security breaches. Read On Jaxenter ›
Kubernetes Security Serverless Cloud Security: How to Secure Serverless Computing Managing serverless security is all about having appropriate controls and policies in place. While cloud server security policies may well be effective for virtual compute server instances in the cloud, additional levels of control, granularity and visibility are needed for serverless computing. Read on eSecurity Planet ›
Kubernetes Security KubeSec Enterprise Summit 2019, May 20, Barcelona, Spain A KubeCon co-located event that focuses on the challenges faced by larger organizations with demanding security and compliance requirements when deploying Kubernetes in production. Whether you are just now beginning to roll out your first production implementation of Kubernetes, or are an early adopter looking to learn from the experience of your peers, you are sure to get valuable insights from this educational event. Register Now ›
kubernetes secrets Can Your Cloud Native Applications Keep a Secret? Managing secrets in applications and processes can be burdensome, and it’s understandably tempting for engineers to resort to storing secrets in unsecured plain text files or in the native secret stores of DevOps tools. Enter DevSecOps which makes it easier to extend good security practices to workloads, cloud native, containerized and serverless applications. Join this webinar with CyberArk to learn how to enable containerized applications to communicate securely with external resources. Join Webinar ›
The Emergence of Kubernetes and the Need for Enterprise-Grade Security

Kubernetes Security
It's not just about managing nodes anymore. With multiple applications, across disparate teams, on-prem or different clouds and orchestrators, there's a need for scalable security that’s easy-to-manage. Join Amir Jerbi, Aqua's Co-founder & CTO as he discusses how to better manage complex, multi-application, multi-cloud and multi-team enterprise Kubernetes environments with easy-to-manage policies, intuitive runtime visibility, and RBAC at scale. Watch Now ›
Aqua News

Kubernetes Security Security Configuration Benchmarks for Kubernetes When you’re running Kubernetes, how do you know whether it’s configured securely? With dozens or hundreds of different configuration parameters across the system, it’s challenging for Kubernetes administrators to know whether they have set them up correctly with good security practices in mind. Fortunately, there is guidance available in the form of the Center for Internet Security’s benchmark recommendations. Read Post ›
Service Mesh security Securing AWS App Mesh With Aqua Aqua provides fine-grained protection to microservices-based applications that use AWS App Mesh, by ensuring that the microservices infrastructure conforms to the organization’s security policy, and by providing visibility and control over the App Mesh network trafficContinue Reading ›
serverless security

Knative: The Serverless Environment for Kubernetes Fans To those already familiar with the concepts of container security, Knative introduces some new challenges. The automated Build process can bypass security controls that were implemented at the Registry level, since it creates a parallel deployment mechanism that should also be vetted. Read On ›

Container Security Gartner Names Container Security Among Top 10 Security Projects for 2019 Gartner writes: “Start any container security strategy in development by scanning for known vulnerabilities and configuration issues, and then extend the strategy to runtime protection.” While the rate of adoption is accelerating, the heightened sense of ownership of container issues will ensure that organizations manage their risk before deploying containerized applications in production.  Read On ›
Serverless Security 57 Easy Steps to Secure Serverless Functions While recent research indicates significant risks in serverless apps, these can largely be mitigated by using simple, automated steps in CI/CD pipelines. Taking the right preventative measures can significantly reduce risk and thwart potential attacks. In this webinar, we analyze the risks and attack vectors highlighted by OWASP and other research, and show how Aqua’s serverless security solution addresses them. Watch webinar ›
Webinar: Aqua Serverless Security for AWS Lambda

Cover Slide
Serverless creates the need for a new security solution that can address its unique framework. Aqua’s Serverless security solution leverages the Lambda layer to provide comprehensive protection and visibility into potential security pitfalls, risk-mitigation recommendations, and policy-enforcement options. In this webinar, presented in partnership with AWS, we will discuss how to secure your serverless workloads on AWS Lambda. Register Here ›
 
 
Ready to Secure your Cloud Native Apps?
The Aqua Cloud Native Security platform enables enterprises to secure their cloud native, container-based and serverless applications from development to production.
Contact Aqua