Security News
IBM-owned Red Hat is to snaffle container security outfit StackRox and plans to fold the company's tech into its OpenShift platform. The amount being spent on the acquisition was not shared, although Crunchbase reported that StackRox has picked up more than $65m of funding in recent years, with a $26.5m investment led by Menlo Ventures as recently as September last year.
WekaIO announced that Weka File System, with its Kubernetes Container Storage Interface plug-in, has successfully completed interoperability testing with Rancher Labs' Kubernetes management platform. A complete software stack for teams adopting containers, Rancher is a leading choice for enterprises looking to run containers and Kubernetes in production.
Entrust has announced its new partnership with Mirantis and the certification of its nShield hardware security modules with the Mirantis Kubernetes Engine. Entrust nShield HSMs become the first Mirantis-certified HSMs in the market to deliver enhanced security to the Mirantis Kubernetes Engine.
For December's Patch Tuesday bug bonanza, Microsoft handed out fixes for a mere 58 vulnerabilities while various other orgs addressed shortcomings in their own software in separate, parallel announcements. In a post on Monday to a Kubernetes mailing list, Apple software engineer Tim Allclair, a member of the Kubernetes Product Security Committee, outlined a medium severity bug by which an individual with the ability to create or edit services and pods could intercept traffic from other pods/nodes in the cluster.
The Kubernetes Product Security Committee has provided advice on how to temporarily block attackers from exploiting a vulnerability that could enable them to mount man-in-the-middle attacks intercepting traffic from other pods in multi-tenant Kubernetes clusters. CVE-2020-8554 is a design flaw that impacts all Kubernetes versions, with multi-tenant clusters that allow tenants to create and update services and pods being the most vulnerable to attacks.
Sysdig announced the launch of zero trust network security for Kubernetes. With total network visibility and automated rule creation, Sysdig reduces the time to implement network security from weeks to hours.
Trilio announced TrilioVault for Kubernetes v2.0, including a new management console to discover, control and manage data protection for Kubernetes applications across hybrid- and multi-cloud environments. As part of the latest TrilioVault for Kubernetes release, Trilio also announced enhanced enterprise-grade Kubernetes backup and restore capabilities, including comprehensive application support, certification of new distributions and multi-cloud enablement use cases.
Businesses are increasingly moving multiple applications to the cloud using containers and utilizing Kubernetes for orchestration, according to Zettaset. While many companies are eager to adopt these new cloud-native technologies, research shows that companies are not accurately weighing the benefits of enterprise IT innovation against the inherent security risks.
Container and Kubernetes security company StackRox on Wednesday announced the release of KubeLinter, an open source tool designed to help users identify misconfigurations in Kubernetes deployments. KubeLinter is a static analysis tool that checks YAML files, which store configuration data for Kubernetes applications, to ensure that security best practices are followed.
Though some security mechanisms are included by design, K8s by itself is not a security offering, and security settings aren't always enabled by default. Aqua's new Kubernetes security solution addresses the complexity and short supply of engineering expertise required to configure Kubernetes infrastructure effectively and automatically, by introducing KSPM - Kubernetes Security Posture Management - a coherent set of policies and controls to automate secure configuration and compliance.