Not rendering correctly? View this email as a web page here.
Gartner's CNAPP Report; KubeCon NA Takeaways; Unveiling eBPF-Based CNDR; Runtime Security with Tracee; Trends in Real-World Container Use

October was a busy month for the cloud native community! We were excited to meet and connect with you at KubeCon – in person and virtually – and discuss what’s next for cloud native security at the KubeSec Enterprise vSummit. If you didn’t make it to the conference this year, make sure you read this excellent KubeCon summary and the KubeSec roundup with key takeaways. Aqua just announced CNDR, a new cloud native detection and response capability based on the powerful eBPF technology. And in case you missed it, check out Gartner’s report on how CNAPP is redefining the security of modern applications using the integrated full-lifecycle approach.

News You Can Use
KubeCon NA 2021 Key Takeaways: DevX, Security, and Community After three virtual-only conferences, the KubeCon NA 2021 went hybrid this year. The event discussed the multiple trends impacting cloud native and the challenges and opportunities around them. Key topics included eBPF technology, multi-cloud, supply chain security, and more.
Read the summary ›
10 Trends in Real-World Container Use Datadog examined more than 1.5 billion containers to understand how organizations are scaling and supporting their container environments. Today, almost all containers are orchestrated, and 90% of Kubernetes users are leveraging cloud-managed services. The report provides great insights into real-world container usage. Check it out
Read-only Filesystems in Docker and Kubernetes One of the simple practices to harden your containerized workloads to minimize the attack surface is setting the filesystem of your containers to read-only. This blog shows how to do this and create controlled exceptions using tmpfs in Docker and ephemeral volumes in Kubernetes. Learn all about it ›
Kubernetes Cluster API Reaches Production Readiness with Version 1.0 CNCF announced Cluster API v1.0 is now production-ready. Cluster API enables declarative management for Kubernetes, using APIs to easily create, configure, and update clusters. The project has demonstrated growing adoption, feature maturity, and a strong commitment to community. See the details on ›
Introducing VMware Tanzu Community Edition VMware released Tanzu Community Edition, a freely available, community-supported, open source distribution of VMware Tanzu. This easy-to-manage Kubernetes platform is offered “for learners and users, especially those working in small-scale or preproduction environments”. Find more ›
Google DORA Report Details Best Practices to Speed DevOps The 2021 Accelerate State of DevOps report from Google Cloud’s DORA group provides insight into the best practices of elite development teams. The report shows a significant increase in public cloud use. Also, companies with a multi-cloud strategy perform much better.
Read more about the State of DevOps in 2021 ›
Gartner Report:
Innovation Insight for Cloud Native Application Protection Platforms

In this recent report, Gartner defines the emerging Cloud Native Application Protection Platform (CNAPP) category. Gartner outlines the scope and benefits of a CNAPP platform and details the critical capabilities security practitioners should look for.

If you’re looking to secure your cloud native applications, this report is a must-read.

Get your copy today

Aqua News
Unveiling CNDR: eBPF-Based Cloud Native Detection and Response We announced CNDR, the most powerful cloud native detection and response capabilities in the industry. CNDR uses real-time behavioral indicators from Aqua’s research team to identify zero-day attacks from low-level eBPF events surfaced by Aqua’s open source project Tracee. Learn more about CNDR
Key Takeaways From KubeSec: Our 6th Enterprise Summit for K8s Security This month, the KubeSec Enterprise vSummit brought together hundreds of practitioners to discuss the state of cloud native security. Discover key themes and takeaways, including the evolution of K8s defense, the intensifying complexity of environments, and “Everything-as-Code” revolution. Read the blog ›

Tracee Runtime Security Series: Easy Installation on Kubernetes Despite hardening Kubernetes environments, it’s critical to be able to detect and respond to attacks in real time. Tracee, an open source runtime security tool, is a great way to get up and running with the visibility required to see these attacks in progress. See how to deploy Tracee in a few easy steps ›

Improving Kubernetes Security: Work on Your MUT When you’re getting started with Kubernetes security, it’s useful to focus on improving your “mess-up tolerance”, or MUT. That is, “How many mess-ups have to happen before something goes badly wrong?” This blog discusses how companies can make changes to their K8s configurations to improve their MUT. Check it out ›

AWS Cloud Native Security DevDay Together with AWS, we are running a global series of workshops Cloud Native Security Virtual Dev Days! Learn how security can be built into development, and how teams can maintain DevSecOps principles in their AWS environment. Register today ›

A Brief Guide to Supply Chain Security Best Practices With the rise in attacks targeting the supply chain of cloud native applications, you need to understand how to address the risks that enter your environments through third-party packages and tools. This post outlines best practices that should be included in an organization’s cloud native strategy. Find more ›

KubeSec Enterprise vSummit Presentations
KubeSec Enterprise vSummit 2021

Explore this year's KubeSec talks to get insights into supply chain security, the journey to a thriving DevSecOps function, the expanding threat landscape, and more.

Get access to the presentations

Go cloud native with the experts!
See the Aqua Platform in action
Schedule a Demo
Aqua Cloud Native Security