Container & Cloud Native Security Flash - 2019 is here

The biggest KubeCon+CloudNativeCon ever, The very first KubeSec, AWS Firecracker, DevSecOps is a fact, Blog post series about Istio security

Not rendering correctly? View this email as a web page here. The biggest KubeCon/CloudNativeCon ever, the very first enterprise KubeSec event, AWS Firecracker, SANS report on DevSecOps, Webinar on AWS Lambda Security, Istio and more The biggest ever Kubernetes event held in Seattle in December proved beyond a doubt that 2018 was the year that Kubernetes went into its production phase. Such massive adoption brings with it inevitable challenges around security, tooling and management at scale. It looks like 2019 will be at least as exciting!  News You Can Use Closing the Kubernetes security gap: At KubeCon Seattle, Aqua held (together with our co-hosts AWS and Red Hat) the first conference focused on securing Kubernetes applications at enterprise scale. Read on Enterprise Times › AWS Doubles Down on Containers, Launches MicroVM Manager AWS launched  its AWS Container Marketplace with 160+ container-based products from a wide range of independent software vendors, as it launched a "container competency" programme and rolled out a raft of new tools including a micro-VM manager dubbed Firecracker... Read on CBR › Seattle '18: KubeCon + CloudNativeCon keynote: Save Yourselves! Liz Rice, Technology Evangelist at Aqua Security shows the dangers of running random YAML off the internet, and how admission controls and OPA can help mitigate some of the risks Watch the Video › It doesn't work with Docker or K8s right now, but everyone's going nuts for AWS's Firecracker microVMs If it's good enough for Lambda and Fargate, it's probably good enough for you Read on The Register › How VMware's Heptio purchase finally shows it's getting smart about open source ...Redmonk analyst Stephen O'Grady writes "containers broadly and Kubernetes specifically [are] becoming the next Java," not because they're programming languages (they're not) but because "from a workload portability standpoint their functional jobs to be done are on a converging path." It's why VMware paid a reported hefty premium for Heptio despite it, too, not yet having turned its code influence into cash. Read on TechRepublic › A SANS Survey - 2018 Secure DevOps: Fact or Fiction? This study conducted by SANS on security practices in software development is the first to specifically focus on DevSecOps. Diving deep into how security fits into DevOps, where security risks are and how they are being managed, and the top success factors in implementing a secure DevOps program. Get the Report › KubeCon+CloudNativeCon 2018 Keynote: Developing Kubernetes Services at Airbnb Scale This talk identifies key problems that make out-of-the-box Kubernetes less friendly to developers, and strategies for addressing them, based on Airbnb's experience empowering one thousand engineers to develop hundreds of Kubernetes services at scale. Watch the Video › Webinar: Runtime security across Kubernetes and AWS Fargate An encore Chalk Talk delivered by Liz Rice at AWS Re:Invent What are the best ways to protect workloads running on AWS Fargate? In this demo-rich chalk talk, including a live exploit, Liz will explore how techniques like image scanning and runtime protection tools can provide innovative ways to control and secure your containerized applications, even when there is no way to directly access the hosts that they are running on. Register Here ›  Aqua News How to Secure Amazon ECS Workloads On Demand In support of Amazon's announcement at re:Invent surrounding the new AWS Container Marketplace, we've made the Aqua Container Security Platform available for on-demand consumption (pay as you go) via the newly minted AWS Container category in the Marketplace, deployable on Amazon ECS. Read More › KubeSec Enterprise Summit: Kubernetes Security at Scale Amir Jerbi, CTO of Aqua, describes the challenges of securing Kubernetes in large scale deployments with many pipelines, many applications and teams, numerous stakeholders and multiple stacks Watch Video Istio: The Enterprise Upgrade Path to Microservices is the first post in a series of Istio blogs, discussing how to unlock Istio's full promise with a well-designed microservice architecture. The 2nd post, Istio Security: Zero-Trust Networking focus on Istio's security features: what they are, how they work and how they help protect your workloads and your data. Fast & Secure: Protect Kubernetes Apps on Google Cloud Google said it themselves, "We are on a mission to make containers accessible to everyone, especially the enterprise." But enterprises also need enterprise-grade security. Watch this webinar to learn how to protect GKE workloads, scan images in your pipeline and in the Google Container Registry, apply least-privilege security policies to your runtime environment, segment services on your cluster with container-level firewalling, and integrate with Google's Cloud Security Command Center. Watch the Webinar › Serverless Security: The Importance of FaaS Risk Assessment Continuous registry scans, as well as the insertion of security policies into automated image build processes (as in Red Hat OpenShift S2I) showed us the importance of adequate risk assessment and mitigation tools in the cloud native applications space. There's no point trying to cover a huge attack surface, when it's more effective to reduce it first. Read On › Open Source Security Podcast - Talking about Kubernetes and container security with Liz Rice  Josh and Kurt talk to Liz Rice about Kubernetes and container security. How did we get where we are today, what's new and exciting today, and where do we think things are going. Listen to the Podcast › Cloud Native Security at Scale: Multi-App, Multi-Cloud, Multi-Stack... Many organizations now run multiple cloud native applications, across disparate teams, running on-prem or on different clouds, and requiring varying levels of security and compliance. In this webinar you will learn how to better manage complex, multi-application, multi-cloud and multi-team enterprise environments with easy to manage policies, intuitive runtime visibility and role-based access control (RBAC) at scale. Watch Webinar ›   Ready to Secure your Cloud Native Apps? Aqua provides a container security platform that enables enterprises to secure their cloud-native and container-based applications from development to production. Schedule a demo Aqua Security   800 District Avenue, Suite 310    Burlington  MA   01803   United States You received this email because you are subscribed to The Container & DevSecOps Digest from Aqua Security . Update your email preferences to choose the types of emails you receive.