By Dieter Reuter As we talked about before in this blog, containers are just vulnerable to be attacked as non-container workloads. Hackers can use many of their old tricks on new containers, such as application exploits, network attacks, or phishing scams. In this post and demo, I’ll show how to hack a Kubernetes container using… Read more »
Container Security
Shift Left, Then Right for Runtime Application Container Security
In this new Solution Showcase by Enterprise Strategy Group (ESG), Senior Analyst Doug Cahill reviews recent research on application container adoption trends, then outlines how to build security into the DevOps and SecOps use cases. Abstract: The broad adoption of application containers for both new applications and those being refactored into a microservices architecture has… Read more »
Container Security
Achieving PCI Compliance for Containers
Although microservices and containers are not explicitly mentioned in PCI-DSS for PCI compliance, organizations implementing these technologies must focus carefully on monitoring, securing, and governance. Microservices and containers offer some unique characteristics that support pci compliance. For example, microservices emphasize an architecture with one function per service/container. This aligns well with PCI-DSS 2.2.1, implementing only… Read more »
Docker Security
Delivering Shift-Left Security with NeuVector and JFrog Xray
Bringing Kubernetes app security insights to developers By Henrik Rosendahl & Craig Peters Kubernetes, the container and orchestration tool favored by enterprises, provides great benefit in automating many aspects of application deployment at scale. But, like any emerging technology, there are perils as well. Administrators are learning that deployments of these new cloud architectures can… Read more »
Container Security
NeuVector 2.0 Is Now Available!
We’re happy to announce that the 2.0 release of the NeuVector Container Security Platform is now generally available! The 2.0 release is a major expansion of the platform to include end-to-end vulnerability scanning, automated real-time security incident response, and enhanced multi-vector detection of container attacks. Cloud-native enterprise integration is also enhanced with OpenShift and Kubernetes… Read more »
Recent Posts
NeuVector Expands Kubernetes Security Solution with Release of Containerd and CRI-O Run-Time Support
The Implications of Kubernetes Vulnerability CVE-2018-1002105
Critical Kubernetes & OpenShift Vulnerability Exposes API Server
NeuVector Releases New Security Integration That Extends Kubernetes’ Built-in Admission Control Capabilities
NeuVector Included as Launch Company for New AWS Marketplace for Containers