Hi [[ session.user.profile.firstName ]]

The Container Security Channel

  • Date
  • Rating
  • Views
  • Active Workload Protection on Amazon EKS and AWS Fargate
    Active Workload Protection on Amazon EKS and AWS Fargate Scott Ward, Principal Solution Architect, AWS and Liz Rice Technology Evangelist, Aqua Security Recorded: Sep 14 2018 38 mins
    Container adoption has been skyrocketing, but as enterprises mature their container implementations, they face challenges in large-scale orchestration, time-to-market, and security. Amazon’s Managed Kubernetes Service (EKS) and AWS Fargate, which runs containers without having to manage servers or clusters, offer organizations great flexibility, scale and hassle-free options for deploying container-based applications.

    The different modes of deployment also make it necessary to gain visibility and uniform security controls across EKS clusters and Fargate deployments. Protecting the application layer requires in-depth understanding of the workloads and their intended functionality.

    Attend this webinar to see how the combination of AWS security controls and Aqua’s comprehensive container security platform provide a complete solution for securing containerized applications:

    •Full life-cycle security controls that ensure applications are secured before they’re deployed
    •Visibility into the security and compliance posture of applications deployed across Fargate and EKS
    •Single-pane-of-glass management of security policy, uniformly across clusters and deployment modalities
    •Leveraging other native AWS services including Amazon ECR, AWS KMS, IAM roles, and PrivateLink

    Join our speakers Scott Ward, Principal Solution Architect, AWS and Liz Rice, Technology Evangelist, Aqua to learn how to secure your AWS container deployments.
  • Deploying a PCI DSS-Compliant Kubernetes Cluster
    Deploying a PCI DSS-Compliant Kubernetes Cluster Katie Paugh – DevOps Lola, K.S. Root – Senior Operations Engineer Lola, Sigalit Kaidar– Director of Product Marketing Aqua Recorded: Aug 29 2018 49 mins
    Based on the great presentation by the Lola team @Boston-Kubernetes-Meetup#10, we’ve decided to expand this important conversation. We will be hosting a more detailed webinar on PCI DSS to show how you can deploy a Kubernetes cluster that meets these security standards (including GDPR and NIST mandates), while still maintaining DevOps agility.

    This dedicated session will cover tools used, obstacles we’ve encountered, and important design decisions we’ve made to maintain compliant, while still preserving an agile development process.
  • Embedding Security into Your Cloud-Native Pipeline
    Embedding Security into Your Cloud-Native Pipeline Mostafa Siraj with Capital One and Rani Osnat with Aqua Security Recorded: Aug 3 2018 53 mins
    Embedding security into your cloud-native pipeline (SD Times)

    Aqua Security joins Mostafa Siraj with Capital One to talk about security for cloud native apps.

    In today's modern software factories, organizations are shifting security to the left. No longer just the purview of firewalls, security needs to be built in during development and deployment processes. By doing so, organizations can ensure they are limiting vulnerabilities getting into production while cutting costs of both downtime and code rework. Attendees will learn:

    •How to ensure that the use of open source doesn’t introduce vulnerabilities and other security risks
    •How to automate delivery of trusted images using a policy-driven approach
    •Empowering developers to secure their applications, while maintaining segregation of duties
    •Ensuring the consistent flow of images through the pipeline, with no side-doors or introduction of unvetted images
    •Enforcing immutability of containers, preventing container-image drift
  • Scanning Container Images for Package Vulnerabilities: A FreeTool from Aqua
    Scanning Container Images for Package Vulnerabilities: A FreeTool from Aqua Liz Rice Technology Evangelist, Aqua Security Recorded: Jul 23 2018 46 mins
    A container image scanner looks at the software packages included in the image file system and checks it against a list of packages with known vulnerabilities - typically the NVD. Because this is a critical first step in assessing risks in containers before they deploy, Aqua offers a free-to-use tool for scanning your container images for package vulnerabilities.

    Aqua’s scanner - which is the same whether you’re using MicroScanner or our full Container Security Platform - looks at many sources, such as the distributions’ own security advisories, and information from software developers themselves, to keep track of these differences. Our scanner does manual checks to further eliminate false positives and false negatives - a less common, but important, occurrence.

    Attend this webinar to learn by way of demonstration how to use this tool for vulnerability scanning in container images and what makes it different from other scanner tools.
  • Enforcing Immutability & Least Privilege to Secure Containers: Red Hat OpenShift
    Enforcing Immutability & Least Privilege to Secure Containers: Red Hat OpenShift Tsvi Korren - Chief Solutions Architect at Aqua Security Recorded: Jul 19 2018 48 mins
    One of the benefits of using containers, especially in microservices-based applications, is they make it easier to secure applications via runtime immutability—or never-changing—and applying least-privilege principles that limit what a container can do.

    With immutability, every attempt to change the runtime environment is interpreted as an anomaly. And, thanks to containers’ simplicity, it is easier to predict their behavior in the application context and create a tight security envelope, allowing them to perform only their required function and preventing behaviors outside that scope.

    In this webinar, Tsvi Korren, Chief Solutions Architect at Aqua Security, will explain and demonstrate how an approach that enforces immutability and least privilege can secure applications in an active container environment.
  • Protéger vos applications conteneurisées du développement à la produ
    Protéger vos applications conteneurisées du développement à la produ Webinaire Devoteam + Aqua Security Recorded: Jun 28 2018 39 mins
    Ce webinaire va se concentrer sur la manière de sécuriser les conteneurs dans n’importe quel environnement IT tout en maintenant une haute disponibilité des services. Nous aborderons les défis en terme de sécurité de tels environnements et comment protéger les applications dans les conteneurs, de leur développement à la production en utilisant des contrôles de sécurité, des secrets et des accès en se référant aux standards de sécurité et de compliance (CIS, NIST… ).

    Ce webinaire est principalement destiné à :
    -Les administrateurs de la sécurité et les architectes qui veulent en savoir plus sur les risques et les avantages de l'utilisation des conteneurs, et comment les sécuriser efficacement
    -Les équipes de développement d'applications et les équipes DevOps qui souhaitent proposer des applications plus sécurisées
  • MicroScanner: Free Image Vulnerability Scanning Plugin for Jenkins
    MicroScanner: Free Image Vulnerability Scanning Plugin for Jenkins Rani Osnat Recorded: Jun 25 2018 4 mins
    This is a 3 minute "how it works" demo of the free Aqua MicroScanner Jenkins plug-in vulnerability scanner that you can embed into the dockerfile and automate scanning during image build.

    Please refer to the attachment section to get the link to download the Microscanner.
  • Kubernetes – How to Prevent Attacks with Admission Controllers
    Kubernetes – How to Prevent Attacks with Admission Controllers Benjy Portnoy, CISSP, CISA, and Rani Osnat, VP Product Marketing at Aqua Security Recorded: Jun 19 2018 34 mins
    This is an expanded version of what was presented at the KubeCon Lightning Talk

    An admission controller intercepts requests to the Kubernetes API server prior to persistence of the object. By applying proper admission controls in your Kubernetes cluster, it's possible to generate deployments that adhere to the least privilege model, limiting user and container activity based on their business usage needs.

    In this session, we will review the latest and greatest Kubernetes 1.10 admission controller capabilities. We will demonstrate in a live demo a dynamic admission control webhook that can be customized to limit privileged user access.

    You’ll walk away understanding how to make such standards easier to implement and methods for going beyond them to provide security worthy of critical applications in production.
  • Running Workloads with Privileges = Running with Scissors
    Running Workloads with Privileges = Running with Scissors Liz Rice Technology Evangelist, Aqua Security Recorded: May 31 2018 36 mins
    This webinar is an encore/expanded version of Liz Rice’s keynote address from KubeCon in Copenhagen held May 2018

    During this webinar we’ll explore some common risks that many users are - often unknowingly - taking with their cloud native deployment by running workloads with more privileges than they need.

    Liz Rice, Container Technology Evangelist, will demonstrate how containers run as root by default, and show by example why this is something you should try to avoid.
  • Improve Security with Automated Image Scanning Through CI/CD
    Improve Security with Automated Image Scanning Through CI/CD Liz Rice Technology Evangelist, Aqua Security Recorded: May 25 2018 25 mins
    When it comes to securing an application deployed on Kubernetes, automation through a CI/CD pipeline is key. Using cloud-native security tools that hook right into Jenkins or your favorite CI/CD tool, enterprise security teams can set policies for developers who are building container images. The pipeline enforces those policies through automated vulnerability scanning of each image during the build process. Developers only deploy images that the security team is confident in because they’ve been scanned.

Embed in website or blog