Not rendering correctly? View this email as a web page here.
Container & DevSecOps Digest | April: CNCF Summit in Boston this week; KubeCon Europe on May 2nd; Kubernetes 1.10 released and what's new in it for security; VMware and Aqua announce collaboration to secure applications across VMs and Containers.

Events season just launched with the RSA Conference, followed by Cloud Foundry Summit, KubeCon Europe, Red Hat and  AWS Summits. This space is sizzling, with lots of exciting collaborations and technology advancements. We've collected some industry news for you, stay tuned for more announcements coming up. You're most welcome to contact us contact@aquasec.com and follow us on Twitter @AquaSecTeam
News You Can Use
Docker Containers AU REVOIR "Today, as I turn 34, Docker has quietly transformed into an enterprise business with explosive revenue growth and a developer community in the millions..." writes Solomon Hykes, the founder of Docker in his goodbye post. Read on Docker's Blog ›
Facebook Container Security How the Facebook privacy debacle is connected to the movement of IAM to containers. Gartner placed container security as one of the top ten technologies in 2017, indicating that security of data may be the hurdle to container adoption. This security concern may be holding back an important leap forward in application deployment. In large-scale systems like social platforms and CIAM; containers are a very attractive way of handling mass scalability, performance, and responsiveness but without security, they fall short of the mark. Containers, for example, can persist vulnerabilities in images as they are deployed. Read on CSO ›
Cloud Foundry and Kubernetes Containers Kubernetes and Cloud Foundry: Better Together Some see Kubernetes and Cloud Foundry as competitive projects. The reality? While there is some functional overlap between the two, they ultimately serve complementary purposes that work toward the same goal. By taking approaches that leverage both projects, organizations are actually making it easier to manage their entire cloud environment. Read on TheNewsStack ›
Container Images Open Container Initiative Sets Container Distribution Standard The Open Container Initiative (OCI) launched the Distribution Specification project to standardize container image distribution. A Linux Foundation project, OCI's purpose is to develop minimal common standards for software containers in an attempt to ensure that container solutions from all vendors are interoperable.  Read on Data Center Knowledge ›
VMWare Containers security VMware AppDefense Introduces Least Privilege Security for Containerized Applications ...another major step forward for AppDefense, is the ability to secure containerized workloads, demonstrating our continued commitment to securing applications running on any infrastructure. Read on the VMWare Blog ›
Secure Open Source components Developers Failing to Use Secure Open Source Components ...research revealed that 83% of respondents use either commercial and/or open source components, with an average of 73 used per application. It’s a widespread practice in DevSecOps as it helps to accelerate time-to-market and improve efficiency but can lead to flaws sneaking into the code base. Read on InfoSecurity 
KubCon Europe, Copenhagen, Denmark 2-4 May
Kubernetes News
This flagship conference gathers adopters and technologists from leading open source and cloud-native communities, for three days of cloud-native computing education and innovation. Among keynote speakers from CNCF, Google, Red Hat and VMWare, Aqua Security's Liz Rice, will be speaking about What's so hard about vulnerability scanning. and Benji Portnoy about Why you Should Really Pay Attention to K8S Security Best Practices. It is surely going to be fascinating. 

Come Visit Us, We'll be at Booth #C02
Aqua News
Containers Cloud Foundry The Cloud Foundry Summit is happening this week in Boston. Come meet Aqua there and learn about Using Aqua to Secure Applications on Pivotal Cloud Foundry enabling PCF customers to automatically scan droplets utilizing an Aqua Decorator buildpack.
Container Security VMware

Aqua Security Collaborates with VMware to Deliver Runtime Application Protection Across VMs and Container-Based Environments “As organizations deploy applications across increasingly diverse data center endpoints and hybrid cloud environments, security must address the application layer in an efficient and scalable way that supports those modalities,” said Tom Corn, senior vice president and general manager, security products at VMware. “Aqua Security’s in-depth visibility and control in containerized applications offers customers a valuable extension and enhancement to VMware AppDefense that will enable security teams to secure applications at a more granular level, regardless of how they are deployed.” Continue Reading ›
Container compliance Aqua Extends Container Security Platform With Compliance Features The enhanced capabilities are aimed at helping organizations meet different compliance requirements. Aqua now includes compliance checks to help identify personally identifiable information in container application images. In addition, the Aqua update can identify embedded "secrets" that include passwords and access tokens. Aqua also scans for malware in container images as well as container hosts to help identify threats... Read on eWeek ›
Container Security for AWS fargate

Kubernetes 1.10: What’s New in Security Kubernetes 1.10 was officially released recently, with many new enhancements and improvements. This version of Kubernetes, which is lighter on the security side compared to the recent 1.9 and 1.8 releases that were very security focused, offers several new worthy security-related features... Continue Reading ›
Aqua Securioty for Pivotal Cloud Foundry A Brief History of Containers: From the 1970s to 2017 If you can believe it, this March, Docker will be celebrating five years of existence. But that wasn’t the first time we’ve heard about containers. In honor of Docker’s birthday, let’s take a trip down memory lane and take a look at the major milestones in the lifetime of virtualized containers. Continue Reading ›
Kubernetes Networking Kubernetes Networking 101 New on the Container Technology Wiki - Learn about Kubernetes Networking: Kubernetes vs. Docker Networking Model, Kubernetes Networking Model Implementations, how Pods communicate with each other, incoming traffic, DNS for services and Pods, network policies, and network extensions. Learn More
Security Lessons Learned from Peers on Hybrid Cloud Environments
Security Hybrid Cloud
This webinar addresses the need for container-native security controls that span any environment (multi-cloud, on-premise). Based on results of a survey conducted by ESG, it zeros in on the disparity between containerized application deployment plans, to the level of threats facing organizations, and the ensuing lack of sufficient security controls and skills to deal with these challenges. During this webinar we review: Top attacks organizations are experiencing, operational and readiness gaps mapped to actions, and a proven container security framework. Watch On-demand Now
Ready to Secure your Cloud-Native Apps?
Aqua provides a container security platform that enables enterprises to secure their container-based applications from development to production.
Schedule a demo
Container Security