Not rendering correctly? View this email as a web page here.
Cloud Security in 2021; Aqua Vulnerability Database; Techniques for Attacking AWS Environments; KubeSec Agenda Published; Enforcing Least Privilege in K8s with Aqua KSPM; What is CSPM Infographic

Happy New Year! For us in cloud native industry, 2021 promises to be an exciting one. As companies accelerate their digital transformation, security will be more critical than ever. There’s a lot to look forward to – starting this month, KubeSec Enterprise Summit will bring together industry thought leaders and discuss all things cloud native security. To get into the right spirit, check out the key 2021 trends and predictions, as well as a round-up of Aqua’s most popular threat alerts. And, in case you missed it, explore our new handy infographic about Cloud Security Posture Management!
News You Can Use
Lesser Known Techniques for Attacking AWS Environments This blog looks into attacks targeting AWS accounts, exploring lesser known tactics for gaining initial access, recon, lateral movement between accounts, and data exfiltration. It also discusses some helpful strategies to protect against them. Check out the blog ›
Cloud security in 2021: Kubernetes attacks, DevOps, supply chain and more In 2021, threat actors will increasingly target Kubernetes environments, as well as software supply chains. The article lists the main trends in cloud native security as industry experts share their 2021 predictions. Read the article on CyberNews ›
All Kubernetes Versions Affected by Unpatched MiTM Vulnerability A new vulnerability CVE-2020-8554 was discovered in Kubernetes that allows attackers to intercept traffic from other pods in multi-tenant clusters. As it is currently unpatched, admins are advised to mitigate the issue by restricting the use of external IPs. Learn more on BleepingComputer ›
Secure Your Containers with Advice from Liz Rice In this interview, Liz Rice, our VP of Open Source, shares the main take-aways from her book on container security: what the implications of a shared kernel are, how to assess security risks, and what tools you should use to secure your container deployments. Check it out here ›
VMware Releases State of Kubernetes 2020 Report The new study reveals that Kubernetes use has skyrocketed significantly from 27% in 2018 to 48% in 2020. However, the majority of surveyed adopters (60%) still run less than half of their containerized workloads on Kubernetes. See the findings on Container Journal ›
The future of DevOps: 21 predictions for 2021 As DevOps has entered its second decade, TechBeacon asked DevOps pros and industry luminaries to weigh in on trends for the new year. In 2021, cloud native security is set to rise higher on the agenda for CISOs and DevSecOps will be more critical than ever. Read all predictions on TechBeacon ›
KubeSec Enterprise Online 2021
KubeSec Enterprise Online
KubeSec Online series kicks off on January 21st! The event will highlight many great talks from your peers and industry experts. The first session provides a deep dive into securing Azure’s managed AKS Environments, covering all the lifecycle of the container security from the human to the processes sides passing by the toolset.

Register for the first session here ›
Aqua News
Infographic: What is CSPM and Why You Need It By providing full visibility, automation, and remediation, Cloud Security Posture Management helps you achieve a secure and compliant cloud infrastructure. Learn all about it in our new CSPM infographic ›
CVE-2020-15275: New Vulnerability Exploits containerd-shim API A new vulnerability was discovered in containerd, a popular container runtime. When exploited, after providing a connection through the container to the host network, an attacker can gain root privileges on the host. Our research team Nautilus shares their own investigation of this CVE. Read the blog here ›

Evaluating and Enforcing Least Privilege in Kubernetes with Aqua KSPM The correct implementation of RBAC policies in K8s requires a lot of manual work. To solve this challenge, Aqua KSPM includes new controls based on our integration with Apolicy. In addition to ranking the risk, these controls recommend remediation based on best practices. Read the blog here ›
Unveiling Aqua Vulnerability Database, Strengthen Your K8s Clusters Our new Aqua Vulnerability Database (AVD) consolidates many scattered sources of open source vulnerabilities into a single view. In addition, AVD provides Kubernetes best practices and hardening, and best practices for cloud account configurations as well. Check out the blog here

Aqua’s Top Five Threat Alerts for 2020 The round-up of the most popular blogs by our security research team highlights the major trends in cloud native threat landscape. In 2021, the attacks will get even more sophisticated, targeting the cloud native supply chain and infrastructure. See the blog here ›

KubeSec Enterprise Online 2021 KubeSec is a series of online sessions on all things cloud native security, with a focus on Kubernetes. Hear from industry thought leaders, analysts and end-users as they share emerging trends, market insights, best practices, and more. Register here ›

Webinar: A Complete Approach to Cloud Native Security
Cloud Native Approach - Webinar Image

In this short webinar, we share the latest trends in cloud native security, as well as how Aqua protects your entire cloud native stack: the build, infrastructure, and workloads.
Watch the webinar ›

 
Go cloud native with the experts!
See Aqua Enterprise in action
Schedule a Demo
Aqua Cloud Native Security