Docker Security

Alpine Linux Docker Image Vulnerability CVE-2019-5021

Attackers can login to root with no password on affected systems On May 8, 2019, a potentially serious vulnerability was announced affecting the Docker Alpine Linux container image. The vulnerability allows an attacker to authenticate as the root user with no password if using Linux PAM or other authentication means. Potentially thousands of downloads of… Read more »

Docker Security

Major Docker Security Hole Discovered

By Fei Huang A new docker vulnerability affecting container security,  CVE-2019-5736 was just announced, with some calling it a ‘Doomsday Docker Security Hole.’ This is just 2 months after the critical Kubernetes vulnerability was reported allowing attackers to take control of the api server. From one of the runc maintainers Aleksa Sarai: Aleksa stated that… Read more »

Docker Security

NeuVector Releases New Security Integration That Extends Kubernetes’ Built-in Admission Control Capabilities

Announced at DockerCon Europe, the Kubernetes security company will demonstrate its integrated solution that prevents vulnerable images from being deployed in production Barcelona, Spain – December 3, 2018 – NeuVector, the leader in container network security delivering the first and only next generation container firewall, today announced the addition of new Admission Control capabilities that… Read more »

Docker Security

Delivering Shift-Left Security with NeuVector and JFrog Xray

Bringing Kubernetes app security insights to developers By Henrik Rosendahl & Craig Peters Kubernetes, the container and orchestration tool favored by enterprises, provides great benefit in automating many aspects of application deployment at scale. But, like any emerging technology, there are perils as well. Administrators are learning that deployments of these new cloud architectures can… Read more »

Docker Security

Automating Image Scanning with Jenkins

By Xiaofeng Sun Containers provide an easy and efficient way to deploy applications. But container images may contain open source code over which you don’t have a full control. Many vulnerabilities in open source projects have been reported, and you may decide to use these libraries with vulnerabilities or not after scanning the images and… Read more »