vulnerabilities

Three Newly-Discovered Kubernetes Ingress Vulnerabilities Create Security Challenge
Three vulnerabilities were disclosed that impact ingress controllers based on open source Nginx software embedded within Kubernetes clusters ...

KSOC Shares List of Top Eight Kubernetes Vulnerabilities
Kubernetes Security Operations Center (KSOC) has published a list of the eight Kubernetes vulnerabilities that are most likely to be exploited. The list is based on an Exploit Prediction Scoring System (EPSS) ...

Sysdig Report Surfaces Major Lack of Container Security
A new Sysdig report finds 87% of container images have high-risk vulnerabilities of which 15% make their way into runtime environments. The report also finds that 71% of those vulnerabilities have a ...

Overcoming Container Security Gaps With Active Vulnerability Management
Organizations can reduce security risks in containerized applications by actively managing vulnerabilities through scanning, automated image deployment, tracking runtime risk and deploying mitigating controls. Kubernetes and containers have become de facto standards ...

Aqua Security Report Finds Malicious Images on DockerHub
Aqua Security has published a report that identifies five malicious Docker images that have collectively been pulled more than 130,000 times from the Docker Hub repository. The images hijack organizations’ resources to ...

Report: Docker Hub Container Vulnerabilities High
Prevasio, a provider of a cloud service for scanning container images, this week released a report based on a scan of 4 million public container images found in Docker Hub that concludes ...

5 Best Practices for Ensuring Secure Container Images
Most modern organizations understand that the earlier you integrate security into the development process, the more secure the applications will be in production. For containerized workloads, securing the container image throughout the ...

Kata Container Security is Good, but There’s an Achilles Heel
In an age where security is paramount, addressing the vulnerabilities in Kata containers has never been more important. What does container security have to do with ancient Greek mythology? Quite a lot ...

Anchore Adds To Container Security Toolbox
Anchore announced it is making available a series of open source container security tools that will make it possible to address a wide range of vulnerabilities long before an application is deployed ...

SentinelOne Automates DevSecOps in Kubernetes Environments
SentinelOne this week announced it has added an Automated Application Control Engine that employs machine learning algorithms that only allows approved secure workloads to execute on a Kubernetes cluster. Guy Gertner, vice ...