Container & Cloud Native Security - October Flash

IBM bought Red Hat; Kubernetes 1.12 released; Better Windows containers on Windows server 2019; Istio on OpenShift; Securing Thin Host...

Not rendering correctly? View this email as a web page here. IBM just bought Red Hat; Kubernetes 1.12 released; Better Windows containers on Windows server 2019; Istio on OpenShift, Securing Thin Host, and Vulnerability management for Image Streams... Just when we've processed the big news about Docker's funding, in came the surprising mega acquisition of Red Hat by IBM, that will probably rock the cloud industry. Read about these and other, less dramatic - but still exciting bits, related to container and cloud native security.  Stay Connected contact@aquasec.com  Subscribe to The Aqua blog Follow us on Twitter @AquaSecTeam Subscribe to the Container Security Channel News You Can Use Kubernetes 1.12 Brings Volume Snapshots, TLS Improvements, and More This version brings snapshot and restore volumes, improvements to Transport Layer Security (TLS), Horizontal Pod Autoscaler (HPA), topology-aware dynamic provisioning, Advanced Auditing, topology support for the Container Storage Interface (CSI) plugin...  Read on InfoQ › Official: IBM to gobble Red Hat for $34bn – yes, the enterprise Linux biz  "The acquisition of Red Hat is a game-changer," said IBM boss Ginni Rometty. "It changes everything about the cloud market. IBM will become the world's #1 hybrid cloud provider, offering companies the only open cloud solution that will unlock the full value of the cloud for their businesses." Read On The Register › How to explain cloud-native apps in plain English Does cloud-native application development mean you're using a certain set of tools or methodologies or running those apps only in certain environments? And while we're at, how do you explain this stuff to everyone else in plain terms that they can understand? Read on The Enterprise Project › Istio on OpenShift: Technology Preview 2 of Service Mesh Now Available ...adding a whole new user interface from the upstream Kiali project. The Kiali user interface can help Istio users understand what's happening in their service mesh, canl show how the various components are connected, and can help to detect issues (HTTP 500, pod not started, misconfigurations) to better fix those... Read on the OpenShift Blog › Docker has raised $92 million in new funding The new funding is a signal that while Docker may have lost its race with Google's Kubernetes over whose toolkit would be the most widely adopted, the San Francisco-based company has become the champion for businesses that want to move to the modern hybrid application development and information technology operations model of programming.  Read on TechCrunch › 6 Things You Can Do with Docker in Windows Server 2019 That You Couldn't Do in Windows Server 2016 There are thousands of Windows Server 2016 machines running Docker containers in production, but there's always been a small functionality gap between Windows containers and Linux containers. Windows Server 2019 closes most of that gap, so Windows Docker containers are pretty much on a par with Linux containers. Read on Sixeyed Blog › DevSecCon: Container, serverless growth haunts DevOps security DevOps—a discipline barely a decade old—is continuously changing, and while many of the issues of how to secure software in the DevOps pipeline remain the same, new ones have cropped up as well.  Read on TechBeacon › New Book from O'Reilly: Kubernetes Security by Liz Rice and Michael Hausenblas Operating Kubernetes Clusters and Applications Safely  Kubernetes has fundamentally changed the way DevOps teams create, manage, and operate container-based applications, but as with any production process, you can never provide enough security. This practical eBook walks you through Kubernetes security features—including when to use what—and shows you how to augment those features with container image best practices and secure network communication.  Get your Free Copy › Aqua News DevOps Chat: Kubernetes Security Aqua Security has thrown its hat into the ring with Kubernetes, through a series of partnerships and its technology for securing container environments. Rani Osnat and Andy Feit from Aqua Security both recently discussed what's happening in the container space and Kubernetes. Listen on Container Journal › From Containers to Serverless: Keys to Securing Cloud-Native Workloads As your environment expands from managing your own containers to include Containers as a Service (CaaS) and Serverless, what are the new risks of abstracting the underlying infrastructure? During this webinar, we explore the impact of CaaS and Serverless deployments on the enterprise security landscape and how to best protect applications regardless of where they run.  Watch the Webinar › "Thin OS" Security for Container Hosts Since containers share the host OS Linux kernel, securing the host and securing the containerized applications that run on it are inseparable. A vulnerable container can be used to attack the host, but a vulnerable host OS will make the containerized application vulnerable to attack as well. Continue Reading › Securing Apps Across Containers & VMs - Ensuring Good Rather than Chasing Bad Implementing security at the speed of the business requires an approach that easily extends across both containers and VMs. Watch this webinar to learn how this integrated, highly scalable approach to securing VMs and containers through a combined solution allows security teams to visualize their security policy for VMs and containers. Watch the Webinar › Streamline Image Vulnerability Management for OpenShift Image Streams Red Hat's Openshift Container Platform allows building environments that work more efficiently for large and diversified setups, by using Image Streams. This requires a different security approach for tracking issues that work natively with OpenShift. Continue Reading › Shift Up: New Security Considerations for Containers-as-a-Service and Serverless Architectures Containers are applications vulnerable to privilege escalation, zero-day attacks, hostile takeovers, and data exfiltration. The later you discover a problem, the more difficult it is to mitigate the damage. This compels DevOps and information security teams to facilitate security's "shift left" to the beginning of the development cycle. Read on DZone › Liz Rice presenting Kube Hunter on the Cloud Natives Channel In the new Cloud Natives channel, Liz Rice presents and demonstrates Kube Hunter the popular free tool for Kubernetes automated penetration testing. Watch the Video ›  Don't forget to subscribe to the Cloud Natives channel to get more updates on everything Cloud Native.      Ready to Secure your Cloud-Native Apps? Aqua provides a container security platform that enables enterprises to secure their cloud-native and container-based applications from development to production. Schedule a demo Aqua Security   800 District Avenue, Suite 310    Burlington  MA   01803   United States You received this email because you are subscribed to The Container & DevSecOps Digest from Aqua Security . Update your email preferences to choose the types of emails you receive.