Hi [[ session.user.profile.firstName ]]

The Container Security Channel

  • Date
  • Rating
  • Views
  • The State of Kubernetes Security
    The State of Kubernetes Security
    Liz Rice, Aqua Security & Michael Hausenblas, Red Hat Recorded: Mar 12 2019 26 mins
    Presented by the authors of the bestselling O’Reilly Book “Kubernetes Security: Operating Kubernetes Clusters and Applications Safely”

    Kubernetes is fundamentally a complex system with lots of different potential attack vectors aimed at data theft, currency mining and other threats. This talk provides an overview of the current state of security-related features in Kubernetes, and gives directional starting points on how to secure Kubernetes components and the applications that run on top of these Kubernetes components. For the topics explored, pointers on where to further investigate will be offered.

    Topics Covered:
    •Container image scanning and container security
    •Security boundaries (pod, namespace, node, cluster)
    •Securing the control plane and Kubernetes APIs
    •Authentication and authorization, including new tools available
    •Say no to root (and why)!
    •Runtime considerations, secrets management and more!
  • 57 Easy Steps to Secure Serverless Functions
    57 Easy Steps to Secure Serverless Functions
    Ariel Shuper Recorded: Mar 11 2019 54 mins
    All kidding aside, while recent research indicates significant risks in serverless apps, these risks can largely be mitigated using simple, automated steps in CI/CD pipelines, in both staging and production environments. Taking the right preventative measures can significantly reduce risk and thwart potential attacks.

    In this webinar, we analyze the risks and attack vectors highlighted by OWASP and other research, categorizing them into 4 categories based on their severity/potential impact. We will show how Aqua’s serverless security solution addresses each category, demonstrating the following:

    •Securing the serverless CI/CD pipeline
    •Automated checks in staging environments that create least privilege roles/permissions model
    •Profiling Functions’ behavior based data collected during runtime.
    •Usage of AWS Lambda layers to identify/block malicious activity in serverless functions
  • Shifting Left: Security Through Automation
    Shifting Left: Security Through Automation
    Aqua Security and CircleCi Recorded: Feb 28 2019 33 mins
    Presented in partnership with CircleCi

    Enterprises are doing what they can to foster a “security first” mentality within their IT organizations, but don’t always have the necessary skills in-house and may not take the steps needed to build security into an application by design.

    As DevOps accelerate application development and deployment, implementing security as an afterthought is no longer an option, since that approach cannot handle the velocity and scale of agile application deployments. Automation is key to embedding security into the DevOps pipeline and ensuring that code is secure before it’s deployed, not after.

    In this webinar, Aqua Security and CircleCI will show you how you can bake security into the development process, seamlessly, to ensure that your applications are fully secured throughout the development lifecycle. We’ll show you how you can:

    •Build software quickly, using custom job orchestration
    •See all of your builds at a glance, including failed builds and slow tests
    •Identify image vulnerabilities as you build your application
    •Configure your “risk-appetite" to pass or fail images in build based on vulnerability severity
  • Container and Cloud Native Security:  Sharing 3 Years of Valuable Experience
    Container and Cloud Native Security: Sharing 3 Years of Valuable Experience
    Dustin Aubrey with Aqua Security Recorded: Feb 20 2019 62 mins
    Container and Cloud-Native Application Security. It’s our passion. We’ve been there alongside our customers every step of the way: enabling them to secure applications before they're deployed, handling challenges in automating DevSecOps, helping them to scale without increasing risk, and more. We’ve learned a lot.

    During this webinar, learn from our three years of hands-on experiences in this rapidly evolving market working on some of the world’s most advanced and large-scale container deployments.

    We’ll share our views on:
    •What to invest your time in - what’s most impactful for the effort
    •What has been successful
    •What to do as you scale up
  • Best of Both Worlds: Keep your Apps Performant & Secure using Datadog and Aqua
    Best of Both Worlds: Keep your Apps Performant & Secure using Datadog and Aqua
    Rani Osnat, Aqua Security and Jason Yee, Datadog Recorded: Jan 31 2019 41 mins
    If your infrastructure is running a high load, how can you know whether that's a normal operation or a hacker who's just using your servers to mine bitcoins? In this webinar, we'll show you a better approach to securing containers and how the right combination of monitoring and security tools keeps your systems performant, reliable and secure – against crypto currency mining, and a lot more.

    In this webinar, we'll cover how you can:
    -Aggregate data streams and customize how your data is displayed
    -Track known vulnerabilities and security issues in existing images
    -Monitor containers running from unauthorized images
    -Monitor runtime policy violations and audit events
  • Why You Need a Cloud Native Security Solution and How to Evaluate One
    Why You Need a Cloud Native Security Solution and How to Evaluate One
    Benjy Portnoy, CISSP, CISA, Aqua Security Recorded: Jan 23 2019 50 mins
    Benjy Portnoy, Director of DevSecOps at Aqua Security, has spent the past 3 years working with dozens of organizations on securing their deployments of Kubernetes, Docker, Red Hat OpenShift and other cloud native technologies.

    In this webinar, Benjy will share his experiences to help you figure out:

    • What to expect from platform providers, security-wise, and what gaps remain
    • The maturity curve of securing cloud native applications (containers, serverless and what’s in between) – from the most basic controls to advanced runtime controls
    • What to expect from a cloud native security platform: Key criteria to consider
    • How to ensure that your organization is ready to go into production across various stake holders and teams
  • Security Considerations for CF Container Runtime vs. CF Application Runtime
    Security Considerations for CF Container Runtime vs. CF Application Runtime
    Rani Osnat, VP of Product Marketing, Aqua Security Recorded: Jan 15 2019 34 mins
    The growing adoption of containers and the availability of scalable orchestration tools (e.g. Kubernetes) are creating opportunities to develop more agile, easy-to-update applications that combine stateful and stateless modes. The emerging architecture combines both modalities, that have very different security considerations and risk profiles.

    While Cloud Foundry Application Runtime is well-suited to 12-factor application development, Cloud Foundry Container Runtime is better for flexible, rapidly-updated apps that can scale-out specific parts of the application in a very elastic way. However, from a security standpoint, CFCR presents challenges in the form of 3rd party open-source inflow, developer-driven code changes, and frequent updates. It also presents benefits in the form of immutability, better network segmentation, and lack of persistence on the host (the notion we sometimes refer to as “reverse uptime”).

    This webinar describes how to approach these divergent needs and demonstrates some of the methods and tools that can be used to mitigate risk without slowing down development.
  • Runtime security across Kubernetes and AWS Fargate
    Runtime security across Kubernetes and AWS Fargate
    Liz Rice Technology Evangelist, Aqua Security Recorded: Jan 10 2019 50 mins
    Kubernetes enables you to run containerized workloads at scale on a cluster of virtual machines, while AWS Fargate offers a flexible way to run containers without having to manage servers. What are the best ways to protect these workloads against attacks? In this demo-rich chalk talk, including a live exploit, we explore how techniques like image scanning and runtime protection tools can provide innovative ways to control and secure your containerized applications, even when there is no way to directly access the hosts that they are running on.

    Please join us for this encore Chalk Talk delivered by Liz Rice at AWS Re:Invent
  • Cloud-Native Security at Scale: Multi-App, Multi-Cloud, Multi-Stack, Multi-Team
    Cloud-Native Security at Scale: Multi-App, Multi-Cloud, Multi-Stack, Multi-Team
    Rani Osnat - V.P. Product Marketing, Aqua Security Recorded: Nov 28 2018 44 mins
    Containers and serverless adoption continues to expand, with the numbers of applications growing within enterprises. Many organizations now run multiple applications, across disparate teams, running on-prem or on different clouds, and requiring varying levels of security and compliance.

    Attend this webinar to learn how to better manage complex, multi-application, multi-cloud and multi-team enterprise environments with easy to manage policies, intuitive runtime visibility and role-based access control (RBAC) at scale.
  • Shift Left and Then Shift Up: Strengthening Your Security Posture
    Shift Left and Then Shift Up: Strengthening Your Security Posture
    Tsvi Korren - Chief Solutions Architect at Aqua Security Recorded: Nov 26 2018 54 mins
    The concept of “shift left” engages security earlier in the development cycle of cloud-native applications, accelerating development while reducing risk. However, migrating to cloud-native environments also necessitates the security team to “shift up”, focusing on the application layer to account for the shared-service model and “thin OS” environments that are prevalent in these environments.

    Attend this webinar to learn why Shifting Up provides improved security and cost efficiency in cloud-native environments, including:

    •Container environments
    •Containers as a Service (CaaS)
    •Serverless implementations

Embed in website or blog