Given the complex dependencies of container images, which can rely on other container images with potential vulnerabilities, it is crucial for developers to proactively identify and address container security vulnerabilities before deployment.

The post Unlocking the Full Potential of Container Vulnerability Scans appeared first on Cloud Native Now.

A global survey of 600 DevOps, engineering and security professionals finds more than two-thirds (67%) reporting their organization has delayed or slowed application development as a result of security concerns. Conducted by Red Hat, the survey also found 89% reported at least one related security incident during the last 12

The post Survey Surfaces Cloud-Native Application Security Challenges appeared first on Cloud Native Now.

Three vulnerabilities were disclosed that impact ingress controllers based on open source Nginx software embedded within Kubernetes clusters.

The post Best of 2023: Three Newly-Discovered Kubernetes Ingress Vulnerabilities Create Security Challenge appeared first on Cloud Native Now.

ARMO added support for VEX to Kubescape, an open source security posture management project for Kubernetes.

The post ARMO Brings VEX to Kubernetes Security Posture Management Platform appeared first on Cloud Native Now.

Kubernetes Security Operations Center (KSOC) has published a list of the eight Kubernetes vulnerabilities that are most likely to be exploited. The list is based on an Exploit Prediction Scoring System (EPSS) created by FIRST, a community of cybersecurity professionals that provides members with access to a range of collaboration

The post KSOC Shares List of Top Eight Kubernetes Vulnerabilities appeared first on Cloud Native Now.

A new Sysdig report finds 87% of container images have high-risk vulnerabilities of which 15% make their way into runtime environments. The report also finds that 71% of those vulnerabilities have a fix available that has not been applied. Sysdig’s report is based on an analysis of how containers are

The post Sysdig Report Surfaces Major Lack of Container Security appeared first on Cloud Native Now.

Organizations can reduce security risks in containerized applications by actively managing vulnerabilities through scanning, automated image deployment, tracking runtime risk and deploying mitigating controls. Kubernetes and containers have become de facto standards for cloud-native application development due to their ability to accelerate the pace of innovation and codify best practices

The post Overcoming Container Security Gaps With Active Vulnerability Management appeared first on Cloud Native Now.

Aqua Security has published a report that identifies five malicious Docker images that have collectively been pulled more than 130,000 times from the Docker Hub repository. The images hijack organizations’ resources to mine cryptocurrency and can be used as part of a supply chain attack targeting cloud-native environments. Three of

The post Aqua Security Report Finds Malicious Images on DockerHub appeared first on Cloud Native Now.

Prevasio, a provider of a cloud service for scanning container images, this week released a report based on a scan of 4 million public container images found in Docker Hub that concludes just over half the images (51%) were rife with critical vulnerabilities. Only 13% of container scans resulted in

The post Report: Docker Hub Container Vulnerabilities High appeared first on Cloud Native Now.

Most modern organizations understand that the earlier you integrate security into the development process, the more secure the applications will be in production. For containerized workloads, securing the container image throughout the application life cycle is a critical part of security, but many organizations don’t follow even basic best practices

The post 5 Best Practices for Ensuring Secure Container Images appeared first on Cloud Native Now.