Security News
Entrust has announced its new partnership with Mirantis and the certification of its nShield hardware security modules with the Mirantis Kubernetes Engine. Entrust nShield HSMs become the first Mirantis-certified HSMs in the market to deliver enhanced security to the Mirantis Kubernetes Engine.
For December's Patch Tuesday bug bonanza, Microsoft handed out fixes for a mere 58 vulnerabilities while various other orgs addressed shortcomings in their own software in separate, parallel announcements. In a post on Monday to a Kubernetes mailing list, Apple software engineer Tim Allclair, a member of the Kubernetes Product Security Committee, outlined a medium severity bug by which an individual with the ability to create or edit services and pods could intercept traffic from other pods/nodes in the cluster.
The Kubernetes Product Security Committee has provided advice on how to temporarily block attackers from exploiting a vulnerability that could enable them to intercept traffic from other pods in multi-tenant Kubernetes clusters in man-in-the-middle attacks. CVE-2020-8554 is a design flaw that impacts all Kubernetes versions, with multi-tenant clusters that allow tenants to create and update services and pods being the most vulnerable to attacks.
Sysdig announced the launch of zero trust network security for Kubernetes. With total network visibility and automated rule creation, Sysdig reduces the time to implement network security from weeks to hours.
Trilio announced TrilioVault for Kubernetes v2.0, including a new management console to discover, control and manage data protection for Kubernetes applications across hybrid- and multi-cloud environments. As part of the latest TrilioVault for Kubernetes release, Trilio also announced enhanced enterprise-grade Kubernetes backup and restore capabilities, including comprehensive application support, certification of new distributions and multi-cloud enablement use cases.
Businesses are increasingly moving multiple applications to the cloud using containers and adopting Kubernetes for orchestration, according to Zettaset. While many companies are eager to adopt these new cloud-native technologies, research shows that companies are not accurately weighing the benefits of enterprise IT innovation against the inherent security risks.
Container and Kubernetes security company StackRox on Wednesday announced the release of KubeLinter, an open source tool designed to help users identify misconfigurations in Kubernetes deployments. KubeLinter is a static analysis tool that checks YAML files, which store configuration data for Kubernetes applications, to ensure that security best practices are followed.
Though some security mechanisms are included by design, K8s by itself is not a security offering, and security settings aren't always enabled by default. Aqua's new Kubernetes security solution addresses the complexity and short supply of engineering expertise required to configure Kubernetes infrastructure effectively and automatically, by introducing KSPM - Kubernetes Security Posture Management - a coherent set of policies and controls to automate secure configuration and compliance.
AWS Security Hub gives AWS customers a comprehensive view of security posture across all their AWS accounts. As a single place that aggregates, organizes, and prioritizes security information from multiple sources, AWS Security Hub helps identify security findings and remediate security threats.
Cisco this week announced plans to acquire Kubernetes-native security platform Portshift. Founded in 2018 and based in Tel Aviv, Israel, Portshift focuses on providing security for Kubernetes and containers, and takes an agentless approach to delivering vulnerability protection across images, containers, and deployments.