Not rendering correctly? View this email as a web page here.
Gartner's Guide for Cloud Workload Protection (CWPP); Self-Securing Infrastructure in Public Clouds; Risk-Based Vulnerability Management; Threat Alert: Attacker Building Malicious Images Directly on Host

Welcome back!  To start things off, we recently announced our complete cloud native application protection platform, which has an even broader, more robust, and more integrated set of capabilities. It brings Cloud Workload Protection Platforms (CWPP), Cloud Security Posture Management (CSPM), and DevSecOps seamlessly together. In fact, leading research companies covering Cloud Native technologies are also taking notice of the combined value of CWPP and CSPM — and obviously, we couldn’t agree more. Aqua is redefining what it means to be a cloud-native security company by applying a critical focus on freeing your developers and allowing our customers to run with minimal security constraints. 

News You Can Use
newsletter_2020_bullet_blue Gartner Report: 2020 Market Guide for Cloud Workload Protection Platforms Gartner is advising its clients to: favor CWPP vendors specializing in container orchestration monitoring and serverless functionality; require CWPP vendors to offer integrated CSPM to identify risky configurations; extend workload testing into CI/CD pipelines; seek CSPM offerings that focus on more than just runtime protection. Get the Guide Here ›
Google Open Sources Trademarks with the Open Usage Commons  Some vendors are confused by Google’s move to place three of its open-source projects' trademarks under its new Open Usage Commons organization. Trademarks have long been important to open-source companies and organizations, which is why most open-source projects already trademark their names and logos. Check out ZDNet for details  ›
Microsoft Introduces Open Service Mesh for Kubernetes, Plans Quick Donation to CNCF Microsoft plans to donate a new open source project for an extensible service mesh that runs on Kubernetes to the Cloud Native Computing Foundation (CNCF). The new interface was introduced by Linkerd and vendors including Microsoft and Hashicorp in hopes of creating a standard interface for service meshes on Kubernetes.  Read all about it in The Register ›
Is Kubernetes the Key to Unlocking the Benefits of Containerisation? Recently, Gartner reported that three-quarters of businesses want to have containerised applications by 2022, but at present just 30% are using them. A possible reason for this is that the task of managing and maintaining containers is still a major concern. However, this article shows how Kubernetes is like Swiss army knife, it can perform a number of useful functions. Read all about it at CloudTech ›
Deploying from Docker Straight into Fargate and ACI Docker has expanded its strategic partnership with Amazon and integrated Docker with Amazon Elastic Container Service (ECS) with AWS Fargate. Docker has also simplified code to cloud application development for developers and development teams by more closely integrating with Azure Container Instances (ACI). Read more about both initiatives at Docker with AWS and Docker with ACI ›
Suse Acquires Kubernetes Management Platform RANCHER LABS Suse has acquired Rancher Labs, a company focused on making it easier for enterprises to make container clusters. Like similar companies, Rancher’s focus has pivoted from Docker to Kubernetes, the de facto standard for container orchestration. Read the complete story on TechCrunch ›
Threat Alert: Attacker Building Malicious Images Directly on Your Host Aqua’s cybersecurity research team discovered a new type of attack against container infrastructure. Attackers exploited a misconfigured Docker API port to build and run a malicious container image on a host. This represents the first time we’ve seen an attack where the attacker builds an image, rather than pulling it from a public registry. Read more on SC Magazine ›
Automate Security Controls into your DevOps Workflows
Openshift Security
Red Hat Webinar Series Join key partners — including Aqua Security — at Red Hat's upcoming webinar series on accelerating your DevOps adoption.  Aqua's Cloud Integration Architect, Manasi Prabhavalkar, will present: Automate security controls into your DevOps workflows at noon on August 19.  Register Today ›
Aqua News

Achieving a Self-Securing Infrastructure in Public Clouds After investigating several cloud security breaches, Aqua found that the kill-chain for almost every breach we looked at involved the exploitation of misconfigured or mismanaged cloud infrastructure settings. That’s why the remediation of public cloud configuration issues is the primary mission of Aqua CSPM.
Read the Blog ›

Risk-Based Vulnerability Management in Container Images Simply put, there’s an overwhelming number of vulnerabilities in container images. No matter the size of your organization, it’s a significant challenge to identify the biggest risks to your business and know what to tackle first. What’s required is a more holistic approach to enable prioritizing by risk and context — this is exactly what you get with Aqua. Check out the Risk-based Vulnerability Blog ›
Inspecting Starboard Through the Lens of a Kubernetes IDE In this video Daniel looks under the hood of the Starboard CLI and its "find vulnerabilities" command, showing how Starboard schedules scans as native Kubernetes jobs. He also explains how to troubleshoot a failing scan job in case of failures. All that is explained with the help of a Kubernetes IDE called Lens. Watch the Video ›
BeerSecOps #13: Security for Serverless Functions with Dean Bryen Dean Bryen is a developer advocate working for Microsoft with a focus on serverless security. He is very active in the community in London having worked on the London 2012 Olympics, was part of the early serverless at AWS and is now bringing clarity to the definition of serverless itself as well as the new attack surface it brings. Listen to the Podcast ›

Threat Stack for Aqua Security now on Red Hat Marketplace Red Hat is extending its marketplace to include solutions from Aqua and others. The marketplace was built by Red Hat and IBM as an open cloud space for users to discover and access certified software for container-based environments. The Aqua Platform features visibility into application activity and the ability to detect and prevent suspicious activity and attacks. Read all about it in ITOps Time.

KubeSec North America Call for Papers Here’s your chance to share your insights and experience with implementing Kubernetes and adjacent technologies, as well as how you address security and compliance requirements.  So, get your submissions in for the upcoming online KubeSec Enterprise Summit in November 2020. The submission deadline is October 5. Submit Your Papers ›
Introduction to Cloud Native Application Security
Introduction to Cloud Native Application Security Webinar Series This popular series of on-demand webinars offers “security 101” coverage for Containers, Kubernetes, and Cloud Native Application Platforms. You’ll learn all the basics as we explore each topic area and demonstrate best practices and initial steps for getting started with securing your workloads. Register here to receive the recordings ›
 
Go cloud native with the experts!
See Aqua Enterprise in action
Schedule a Demo
Aqua Cloud Native Security