Not rendering correctly? View this email as a web page here.
Pivotal Embraces Kubernetes, Securing Hybrid Clouds with Google Anthos and Aqua, Aqua 4.2 Brings Scanning Image Layers, Secure Multitenancy in Kubernetes, 'Exploring Uncharted Waters' Virtual Event and more

Aqua security was named the Best Security Company of the Year at the Annual Cyber Security Awards 2019. This  independent event with no affiliation with any media organizations or vendors, awards companies based solely on merit, excellence, and innovation. Read CSO's independent product review that explains how the Aqua Cloud Native Security Platform is able to enforce security policies while containers are being created, preventing any insecure or risky code from creeping into containers in the first place. 


Pivotal Container Service Pivotal Software Embraces Kubernetes The move is the first step toward eventually relying on Kubernetes to play a large role in the control plane within the PaaS environment, which is based on the open source Cloud Foundry project. Pivotal, as a member of the Cloud Foundry Foundation (CFF), already has access to Project Eirini, which enables the existing Diego container orchestration engine in Cloud Foundry to be replaced by Kubernetes. Read on The Container Journal. And more, on The Register: The inevitability of K8s: Pivotal CEO describes the pain and benefits of technology transition.
Container Security IBM drags Websphere devs towards Kubernetes with Kabanero package IBM is the latest to pile into devops darling Kubernetes, pulling its Kabanero project out the bag..."Architects and operations get overloaded with choices, standards, and compliance. Kabanero speeds development of applications built for Kubernetes while meeting the technology standards and policies your company defines," Read on The Register ›
Kubernetes Security Container security improves overall enterprise IT posture "I can take a container and run it and profile it and say, 'It makes these network calls, it runs these binaries and it has these packages,' and restrict that container to only do that," said Ross Hosman, head of information security at Recurly "That's something we didn't have in virtualization or on stand-alone servers, unless you went and did the SELinux policies and got really deep down into it. It wasn't automated like it is today." Read on TechTarget ›
Kubernetes Security CVE-2019-11246: Another kubectl Path Traversal Vulnerability Disclosed This new vulnerability that was recently disclosed enables path traversal in kubectl, the popular command line interface for running commands on Kubernetes clusters. What’s interesting about this CVE is that we’ve already seen two previous variations of the same vulnerability disclosed and patched. Read More
Kubernetes Security Open source and risk: 4 application security action items The latest Open Source Security and Risk Analysis report found open source code in over 96% of the more than 1,200 codebases audited for the study. Moreover, 60% of all the code contained in those codebases was open source...While there are many benefits to using open source code, there are risks, too...But there are ways to reduce the risks associated with open source code. Here are four must-do action items for application security teams. Read on TechBeacon ›
Hybrid Cloud Securing Hybrid Cloud Workloads with Google Anthos and Aqua With a centralized configuration tool like Config Management, enterprise tools such as Aqua Security can be deployed across all GKE or GKE On-Prem, and still have the desired granular control required depending on the type of resource that is needed to be secured. Read on //arctiq blog ›
Secure Multitenancy in Kubernetes - Present and Future

Kubernetes security
Multitenancy is a key capability for any cloud platform to gain widespread adoption. Without this, enterprises will often need to deploy and operate separate Kubernetes clusters for separate teams, which would be complex and expensive. In this talk, Sanjeev Rampal, Work Principal Engineer - Cloud & Networking Platforms at Cisco, will summarize a potential canonical model for multitenancy within Kubernetes that uses existing constructs including namespaces, role based access control, pod security policies, and newer container runtime isolation mechanisms such as Kata containers. Coming up on Aug 6. Register Now ›
Aqua News

Container Security Scanning Image Layers, Prometheus, and Harbor Integrations Aqua's scanner new capabilities: Container image layers scanning, vulnerabilities information & risk assessment of a layer before it is reused in other images. Continue ›
Container Vulnerability scanning Crypto-Mining Malware Outsmarting Image Scanners As crypto-mining malware gets more sophisticated and tries to outsmart image scanners, a second line of defense with runtime controls is necessary. More ›
Datree 360 x 165 Secure Git Level Source Code Repositories and Container Images Developers need to be confident that their code is compliant at the Git level, as well as having the ability to detect and manage image vulnerabilities through deployment in runtime. This use case will be presented in this joint webinar by Aqua and Datree. Register Here ›
serverless security Serverless Runtime Protection: Create the Optimal Balance Between Performance & Risks Serverless runtime security requires deep integration with functions’ code, validation of its input & outputs, and control over processes execution. But adding the recommended security controls has an impact on functions’ performance and cost (invocation durations). Aqua helps you achieve the optimal balance between implemented security control and functions runtime performance in one unified security platform. Watch to Learn How ›
container security Docker Image Scanning in your Codefresh Pipeline with Aqua Codefresh’s platform provides a unique way of implementing CI/CD for Kubernetes and Docker by using steps. By integrating the Aqua security platform as one of the build steps, Codefresh’s CI/CD benefits are augmented by providing the user with protection against security threats & vulnerabilitiesWatch this live demonstration of the image scanning in the CI/CD pipeline.
Container security Crypto-mining Attack: The Container Security Demo that Went Terribly Right Crypto-mining attacks were skyrocketing in 2017. It was strange to see it happening again now, during an Aqua security demo of container security... Read On ›
Meet Aqua Around the Globe: 'Exploring Uncharted Waters' Virtual Event, VMworld, and DevSecOps summit.

ContainerJournal
Exploring Uncharted Waters (Understanding the Kubernetes Ecosystem) a virtual event organized by Container Journal. Liz Rice will be there. August 8, Register Now ›
Meet Aqua in the Kubernetes DevSecOps Summit in Chicago on August 21, and in VMworld, San Francisco, August 25-29. 
The Kubesec Enterprise Summit North America has launched. The call for papers is open now!
 
 
Ready to Secure your Cloud Native Apps?
The Aqua Cloud Native Security platform enables enterprises to secure their cloud native, container-based and serverless applications from development to production.
Contact Aqua