Container & DevSecOps Digest: Container & DevSecOps Digest : Kube-hunter a new open source tool for Kubernetes penetration tests; The very first KubeSec Enterprise summit, Protecting Kubernetes applications on Google Cloud; Kubernetes service mesh comparison; Securing Pivotal PKS.

Kubernetes adoption continues to rise, managed kubernetes services, tools, and security enhancements sprout around to facilitate and automate the adoption, maintenance, and protection of K8s clusters.

Container & DevSecOps Digest : Kube-hunter, the new open source tool for Kubernetes penetration tests; The very first KubeSec Enterprise summit, Protecting Kubernetes applications on Google Cloud; Kubernetes service mesh comparison; Securing Pivotal PKS and serverless security news. While Kubernetes adoption continues the incredible and unstoppable rise, managed kubernetes services, supporting tools, and security enhancements sprout all around to facilitate and somewhat automate the adoption, maintenance and protection of Kubernetes clusters. Here are the most exciting news about Kubernetes and other cloud native related topics. You're welcome to contact us contact@aquasec.com and follow us on Twitter @AquaSecTeam.  News You Can Use Shift Up: New Security Considerations for Containers-as-a-Service and Serverless Architectures shifting left does not address the fact that deploying containers and migrating to cloud-native environments also necessitates the security team to"shift up" to focus on its new priority: protecting the application tier. Read on DZone › eBay Moves Away From OpenStack, Embraces Kubernetes and Docker "...our approach to technology is centered on an open source model. Open source is fueling our transformation, with technologies like Kubernetes, Envoy Proxy, MongoDB and Apache Kafka, propelling eBay to new performance levels for our customers. In a sense, open source gives us control of our destiny, offering greater capabilities to customize for eBay's needs." Read on eBay Blog › Introducing kube-hunter: an Open Source Tool for Discovering Security Issues in Kubernetes Clusters Kube-hunter augments the CIS validation for K8s deployments provided by kube-bench with discovery and penetration testing capabilities. Use kube-hunter to find Kubernetes installations in your environments, assess them for potential security risks, and receive suggestions on remediation for a wide range of vulnerabilities. Get kube-hunter Serverless Applications with AWS Lambda: 5 Use Cases  Is Lambda perfect then? Well...not quite, due to some architecture-based limitations ...or are they features? Lambda that prevent using the service to deploy monolithic applications. Such an approach empowers the intended way of using Lambda — for running collections of event-driven stateless microservices... we list 5 most prominent use cases of serverless applications with Lambda. Read on DZone › Building an Enterprise DevOps Strategy with Kubernetes  A series of full day events organized by Google, Rancher, GitLab, and Aqua, will take place in five locations across North America. Designed as a day of learning and education for technical audiences to help them understand how to implement Kubernetes within the enterprise. Following the success of the first day in NYC, roadshow continues to Chicago on the 25th followed by Washington D.C, Los Angeles and Boulder.  Istio vs Linkerd vs Linkerd2 vs Consul we compare every Kubernetes service mesh available today and work out who the winner is. In case you already read the Top10 list of Kubernetes applications article, the may be somewhat predictable Continue on Kubedex › Upcoming webinar: Fast & Secure. Protect Kubernetes applications on Google Cloud with Aqua Security Google said it themselves, "We are on a mission to make containers accessible to everyone, especially the enterprise."  But enterprises also need enterprise-grade security. This webinar, presented in partnership with Google, offers an overview of the container security space, central command center and marketplace. We'll explain, by way of example, the benefits of using Aqua's consumption-based container runtime security solution available on the Google Cloud Platform Marketplace.  Register Here › Aqua News KubeSec Enterprise Summit This very first KubeSec Enterprise Summit will take place during KubeCon Seatle will focus on the challenges faced by larger organizations with demanding security and compliance requirements when deploying Kubernetes in production. Co-hosted by Aqua Security, Amazon Web Services (AWS) and Red Hat.  Early-bird registration until Oct. 1st Register Here The thin host to serverless model is radically realigning your security responsibilities Amazon oversees the protection of the entire infrastructure that runs all of the services offered in the AWS Cloud, which comprises the hardware, software, networking, and facilities it uses to run AWS Cloud services. Over time, what AWS handles will increase and what you have to worry about will decrease. Whenever Amazon creates another service that shifts more of the infrastructure to their end and reduces operational load on the customer end, security moves with it. Read on CSO › Security for Pivotal PAS and PKS Since we announced Aqua Security Scanner for PCF last spring, we've been inundated with requests in regards to security for Pivotal Container Service (PKS). Now we're happy to announce an open Beta of Aqua for PKS. Learn More › Out-of the-Box Policies Simplify Container Compliance One of the challenges organizations have in using cloud-native technologies is in figuring out how compliance requirements translate into actionable control points. Aqua 3.2, rolls out key compliance controls pre-configured as out-of-the-box templates in our runtime policy.  Continue Reading › Report by Gartner Highlights Maturing Options for Securing Containers Gartner recently released a Technical Professional Advice report titled Container Security -- From Image Analysis to Network Segmentation, Options Are Maturing* (by Joerg Fritsch and Michael Isbitski, 28 August 2018), with a detailed analysis of the space, including open source tools and commercial solutions. Continue Reading › Securing Serverless: Persistent Security for Ephemeral Environments Aqua's solution for securing serverless functions addresses these vectors and minimizes their potential impact. We minimize the application code attack surface of serverless functions by scanning the function's code for opensource components, external libraries and OS dependencies. Continue Reading › Webinar: Active Workload Protection on Amazon EKS and AWS Fargate As enterprises mature their container implementations, they face challenges in large-scale orchestration, time-to-market, and security. Amazon's Managed Kubernetes Service (EKS) and AWS Fargate offer organizations great flexibility, scale and hassle-free options for deploying container-based applications. Watch this webinar with Scott Ward, Principal Solution Architect@AWS and Liz Rice, Technology Evangelist@Aqua to learn how to secure your AWS container deployments.  Watch Now ›   Ready to Secure your Cloud-Native Apps? Aqua provides a container security platform that enables enterprises to secure their cloud-native and container-based applications from development to production. Schedule a demo Aqua Security   800 District Avenue, Suite 310    Burlington  MA   01803   United States You received this email because you are subscribed to The Container & DevSecOps Digest from Aqua Security . Update your email preferences to choose the types of emails you receive.