Container Security

Kubernetes Security Features Improve with 1.7 Release

By Gary Duan Kubernetes 1.7 was recently released. The highlights of the release include much improved security features. Here’s a summary from the Kubernetes blog: At-a-glance, security enhancements in this release include encrypted secrets, network policy for pod-to-pod communication, node authorizer to limit kubelet access and client / server TLS certificate rotation. Security is often… Read more »

Container Security

How to Achieve Continuous Container Security for Your CI/CD Pipeline

Integrate and Automate Security in Your Build, Ship, & Run Processes As enterprises move quickly to deploy containers and microservices with a continuous integration and delivery (CI/CD) pipeline, security often becomes an afterthought. DevOps and security teams should also strive to achieve continuous container security in the pipeline. The starting point for container security is… Read more »

Docker Security

Can the Linux Stack Clash Vulnerability Affect Containers?

The recently discovered ‘Stack Clash’ vulnerability in Linux-based systems is another critical security issue like Dirty Cow, but can the stack clash vulnerability affect containers, and what could an attacker do? The short answer is yes, an attacker could exploit the vulnerability to gain root privileges within a container, but not necessarily be able to… Read more »

Container Security

NeuVector Contributes Open Source Tool for Kubernetes CIS Benchmark for Security

Also is the First to Implement Distributed Security Auditing for Kubernetes 1.6 Deployments [UPDATE]: NeuVector open source tool and product now supports Kubernetes 1.7 and the newly release 1.8 CIS benchmark By Gary Duan The Center for Internet Security (CIS) recently released the Kubernetes CIS Benchmark for Kubernetes 1.6 security auditing. Many companies planning deployments… Read more »

Docker Security

The ‘SambaCry’ Samba Vulnerability in Containers

By Fei Huang There’s a new vulnerability which could affect containerized apps; this time it’s the Samba vulnerability affecting Linux networking. Samba allows non-Windows operating systems to share network shared folders, files, and printers with a Windows operating system. The network security space keeps catching people’s eyes recently with new exploits affecting popular systems. The… Read more »