Severe Privilege Escalation Vulnerability in Kubernetes (CVE-2018-1002105)

Aqua Cloud Native Blog

Expert insight, best practices and advice on cloud native security, trends, threat intelligence and compliance.

KUBERNETES SECURITY
Severe Privilege Escalation Vulnerability in Kubernetes (CVE-2018-1002105)
Earlier this week, a severe vulnerability in Kubernetes (CVE-2018-1002105) was disclosed that allows an unauthenticated user to perform privilege escalation and gain full admin privileges on a cluster. The CVE was given the high severity score of 9.8 (out of 10) and it affects all Kubernetes versions from 1.0 onwards, but fixes are available for recent versions. 
Read more
CONTAINER SECURITY
How to Secure Amazon ECS Workloads On Demand
In support of Amazon’s announcement this week at re:Invent surrounding the new AWS Container Marketplace, we’ve made the Aqua Container Security Platform available for on-demand consumption (pay as you go), via the newly minted AWS Container category in the Marketplace. We have several new listings in the AWS Marketplace, but in this blog I’ll cover …
Read more
CLOUD SECURITY
Serverless Security: The Importance of FaaS Risk Assessment
In my previous blog, I discussed the serverless services spectrum and the unique security considerations of serverless functions. In this post, I’d like to elaborate on the importance of preliminary risk assessment checks and their contribution to an effective security strategy, based on lessons learned in containerized workloads environments.
Read more
CNAPP, CONTAINER SECURITY
Istio: The Enterprise Upgrade Path to Microservices
Istio, Google’s open source project for large scale, containerized application management was released in May 2017 and has undergone rapid development since then, culminating in the landmark 1.0 release in July 2018. In this blog post we will be exploring what Istio is, how it works and how to adopt it. In subsequent articles in …
Read more
VULNERABILITY MANAGEMENT
Streamline Image Vulnerability Management for OpenShift Image Streams
In traditional cloud native environments, actions such as building and deploying applications will usually involve working directly with images hosted in one or more registries. Customers wishing to track changes in those images, in order to identify security and compliance issues, would need to set up an automatic process of constantly scanning them by connecting …
Read more
CONTAINER SECURITY
“Thin OS” Security for Container Hosts
In the spectrum of deployment options available for cloud native applications, the most widely used option, at least presently, is running containers on VMs that use the Linux operating system (or less frequently, bare-metal servers running Linux).
Read more
CONTAINER SECURITY
Securing ISV-Provided Container Images
Containers make it very easy to package and deliver applications, so it’s not surprising that many ISVs (Independent Software Providers) are leading the trend of packaging their software, whether it’s commercial off-the-shelf (COTS) or custom-developed code, as container images. These images are then fed into the enterprise customer’s CI/CD pipeline, and are often treated in …
Read more
RUNTIME SECURITY
Report by Gartner Highlights Maturing Options for Securing Containers
Gartner recently released a Technical Professional Advice report titled “Container Security — From Image Analysis to Network Segmentation, Options Are Maturing”* (by Joerg Fritsch and Michael Isbitski, 28 August 2018), with a detailed analysis of the space, including open source tools and commercial solutions. We’re pleased to see Aqua mentioned in this report, both for …
Read more
KUBERNETES SECURITY
Security for Pivotal PAS and PKS
After we made the Aqua Security Scanner for PCF announcement last spring, we started the process of supporting Pivotal Container Service (PKS).  Many Pivotal Cloud Foundry PAS customers have tested PKS and many are in production.   Having been on the security infrastructure side of life for a couple decades, this doesn’t surprise me at all because …
Read more
CNAPP
Securing Serverless: Persistent Security for Ephemeral Environments
Cloud native workloads terminology is used a lot these days to describe new technologies and deployment models of applications in the cloud universe. Serverless is a notable example of such cloud native-workloads: it prioritizes simplicity and agility over compatibility, control, and performance SLAs. It’s a revolutionary concept that abstracts away infrastructure concerns and provides a …
Read more
AQUA OPEN SOURCE
Kube-hunter – an open source tool for Kubernetes penetration testing
Aqua released a free tool called kube-hunter to help with Kubernetes Security. You give it the IP or DNS name of your Kubernetes cluster, and kube-hunter probes for security issues – it’s like automated penetration testing. 
Read more
RUNTIME SECURITY
Out-of the-Box Policies Simplify Container Compliance
One of the challenges organizations have in using cloud native technologies is in figuring out how compliance requirements translate into actionable control points. Most regulations predate containers and serverless technologies and don’t have specific articles governing the use of such technologies. We recently released Aqua 3.2, where we rolled out key compliance controls pre-configured as …
Read more
Page 31 of 35‹ Prev272829303132333435Next ›
Need to secure enterprise workloads?
Aqua Cloud Native Application Protection Platform (CNAPP)
Go cloud native with the experts!
Get Demo
Aqua Security is the pioneer in securing containerized cloud native applications from development to production. Aqua's full lifecycle solution prevents attacks by enforcing pre-deployment hygiene and mitigates attacks in real time in production, reducing mean time to repair and overall business risk. The Aqua Platform, a Cloud Native Application Protection Platform (CNAPP), integrates security from Code to Cloud, combining the power of agent and agentless technology into a single solution. With enterprise scale that doesn’t slow development pipelines, Aqua secures your future in the cloud. Founded in 2015, Aqua is headquartered in Boston, MA and Ramat Gan, IL protecting over 500 of the world’s largest enterprises.
Read Aqua Security reviews on G2

Use Cases

Environments

Partners

Resources

About Us

Get in Touch

Products

Get Started
Copyright © 2025 Aqua Security Software Ltd.   Privacy Policy | Terms of Use | Cookie Settings |  
Accessibility Tools
Normal text size Medium text size Large text size
Normal display Black & White display High contrast display
Stop transitions and animations Underline Links