Not rendering correctly? View this email as a web page here.
Kubernetes Pen Testing; Cloud Native Threat Report; ONUG Fall 2020; KubeSec Workshops with Microsoft;; Red Hat Marketplace; Threat Alert: TeamTNT; Hacktoberfest

Welcome to the October issue of the Aqua newsletter. Although there’s a chill in the air as fall comes to parts of the U.S., the cloud native security world is heating up with innovations, creative hackers, and news of all kinds. So, grab your favorite sweater as you read through all the news we’ve compiled for you. And be sure to check out Aqua’s Cloud Native Threat Report, where our research team analyzed over 1600 cyber attacks on container and cloud native infrastructure. Or, if you’re looking for something a little more fun, check out our blog on this year’s Hacktoberfest — it’s sure to get you into the fall spirit.

News You Can Use
How to Automate Compliance and Security with Kubernetes: 3 Ways As security shifts left and closer to the start of the software development lifecycle, containerization and orchestration helps with security and compliance as you make that shift. Teams need to rethink their legacy security strategies, moving away from monolithic or waterfall-ish approaches. Check out The Enterprisers Project ›
Deploying DevSecOps on Amazon EKS with Aqua Security – Part 2 Part 2 (see part 1 here) takes a deeper dive into how to implement a secure application development lifecycle for Amazon Elastic Kubernetes Service (Amazon EKS). And we discuss the technical details of setting up your DevSecOps pipeline using AWS CodePipeline and Aqua Security. Read about it on the AWS website ›
U.S. Enterprises Adopt Containers in Cloud Native Computing U.S. enterprises are embracing cloud native, container-based computing but still face challenges in securing, managing and monitoring multicontainer applications distributed across multiple clouds. Read the report here ›
Kubernetes Pen Testing – a Guide Aqua’s Liz Rice responds to Kubernetes users about how to best confirm their deployment is configured safely and running securely. Liz provides tips for the budget conscious user that might be looking for something a little more cost-effective. See Professional Security Magazine ›
TechStrong TV – Cloud Native Threat Report Watch this informative video from Digital Anarchist for coverage of the Cloud Native Threat Report. Special guests include Daniel Spoonhower from LightStep, Jamshid Rezaei from Mitel, and Rani Osnat from Aqua Security. Read the Digital Anachist website ›
Cloud Native Threat Report: Attacks in the Wild on Container Infrastructure

Aqua's security research team, Nautilus, analyzed 16,371 attacks on container and cloud native infrastructure over a period of one year. This research covers the entire kill-chain of attacks against cloud native environments and provides a cohesive analysis. Get the report here.

Aqua News Improves Security and Operational Efficiency with Aqua set a goal to speed its development process and deploy applications faster – without sacrificing security. Read their story as they turned to Aqua to find just the right security partner. Read the case study here ›
Deploy Aqua at the Speed of DevOps using Red Hat Marketplace Aqua joins the e-commerce platform, Red Hat Marketplace. Providing a digital, transactable catalog, the marketplace makes it easy for IT leaders to find, test, and buy software that has been validated to work seamlessly with IBM and Red Hat products. See Red Hat Marketplace blog ›

Protecting Cloud VMs for Full-Stack Cloud Native Security Aqua’s Deepak Dalvi writes about the management of Virtual Machines (VMs) in the cloud – and how it is not like anything else in the cloud native environment. He explores new security methods and how they differ from traditional host-based security methods. Read the complete blog here ›

Threat Alert: TeamTNT is Back and Attacking Vulnerable Redis Servers TeamTNT previously grabbed headlines after launching several novel attacks against cloud native infrastructure. But TeamTNT has reemerged with a catchy logo “Still alive” embedded in their scripts and a brand-new Docker Hub account. Check out the blog here ›

Threat Alert: Cryptomining Campaign Abusing GitHub, Docker Hub, Travis CI & Circle CI Aqua’s Team Nautilus detected a campaign that hijacks resources to enable cryptocurrency mining. Images were scanned with Dynamic Threat Analysis (DTA) to detect and investigate this campaign within hours of its initial launch. Find out more here ›

ONUG Fall 2020: Securing the Cloud Today and Tomorrow Join Aqua’s Liz Rice on October 14-15 as she moderates a panel session on “Securing the Cloud Today and Tomorrow." They will discuss reference security architecture work, the opportunities around encrypted container security and other cloud security and management challenges. Register for this free event here ›

Hacktoberfest 2020: Celebrate Open Source with Aqua! If you’re as passionate about open source as we are, grab your laptop, get comfy, and - let’s get hacking - Hacktoberfest is here again! It’s a month-long celebration of something we all love - open source. Our second annual Hacktoberfest officially kicks off now! Check out Hacktoberfest ›

Webcast: Secure Application Development for Evolving Cloud Native Stacks Aqua’s CTO will join SC Magazine's Editor, Stephen Lawson, on October 8. They'll talk about secure application development for evolving cloud native stacks. Many organizations are now rethinking security tooling to maintain security in a faster-moving pipeline. Register here for this webcast
KubeSec Enterprise Workshops with Microsoft
KubeSec Enterprise Online

In this workshop, we’ll help guide you through the struggles of addressing security and compliance requirements for cloud environments. And we’ll demonstrate how you can make use of modern application development and deployment methods while increasing your overall security posture. Hands-on AKS lab environment sponsored by Microsoft. Check out times and other details here ›

Go cloud native with the experts!
See Aqua Enterprise in action
Schedule a Demo
Aqua Cloud Native Security