Aqua Blog
Expert insight, best practices and advice on cloud native security, trends, threat intelligence and compliance
Blog-Image--Trivy-CSPM-Capabilities-for-AWS (2)

New for Trivy: CSPM Identifies Misconfigurations of Your AWS Services

Every cloud provider has different resources that require detailed understanding to scan for security issues. To make this easier, cloud providers offer built-in security scanners. However, those may often lack functionality and integration into your existing stack.

Continue reading ›
Securing-the-cloud-native-transition-for-Windows-applications-on-AKS

Securing the Cloud Native Transition for Windows Applications on AKS

As a critical next step in securing Microsoft Windows containers running on Azure Kubernetes Service (AKS), Aqua Security has worked with Microsoft to make it easy for customers to deploy, upgrade, and auto scale deployment of cloud runtime security, assurance enforcement, networking segmentation and monitoring for …

Continue reading ›
Fileless-Malware-Detection

Intro to Fileless Malware in Containers

A fileless attack is a technique that takes incremental steps toward gaining control of your environment while remaining undetected. In a fileless attack, the malware is directly loaded into memory and executed, evading common defenses and static scanning. 

Continue reading ›
Protecting Workloads Against Real-World Attacks with Ease

Protecting Workloads Against Real-World Attacks With Ease

Attackers are sophisticated, there is always a lag between zero days and mitigation, and production workloads are critical. So why is the adoption of runtime security for cloud native applications still lower than shift-left security practices for the same applications? 

Continue reading ›
Threat Alert: Cloud Network Bandwidth Now Stolen through Cryptojacking

Threat Alert: Cloud Network Bandwidth Now Stolen through Cryptojacking

This blog was co-authored by Asaf Eitani   

Threat actors are looking to increase their financial gain and thus deploy cryptominers which are considered easy to use and lucrative. Cryptomining involves complex calculations leading to high computation power and consequently increased CPU consumption and electricity (or …

Continue reading ›
Aqua-Advantage-Launch-image

Aqua Advantage Empowers Partners to Stop Cloud Native Attacks

When I was hired by Aqua in February, my charter was to leverage my experience and market knowledge to enhance the existing partner program and to build a team of rock stars to support partners based on the new program construct. What I found when I arrived was a program much like others – focused on partner tiers and …

Continue reading ›
Aqua Security AWS Security Competency Partner

Aqua Security Becomes AWS Security Competency Partner

Today, we are pleased to announce that Aqua Security has achieved the Security Competency in the Compliance and Privacy category in the relaunch of the Amazon Web Services (AWS) Security Competency. This designation recognizes that the Aqua Cloud Native Protection Platform (CNAPP) has demonstrated proven technology …

Continue reading ›
Detecting and Capturing Kernel Modules with Tracee and eBPF

Detecting and Capturing Kernel Modules with Tracee and eBPF

Security practitioners often need to investigate malicious artifacts in their environments, which can be challenging if those are deleted or loaded from memory. This is increasingly the case as threat actors are weaponizing Linux kernel modules to perform and hide their attacks. In this blog, we look into kernel …

Continue reading ›
06-22-CIS-Benchmark-Chain-Bench-blog-image-03-1

Audit Your Software Supply Chain for CIS Compliance with Chain-bench

The Center for Internet Security (CIS) has recently released the Software Supply Chain Security Guide, a set of practical, community-developed best practices for securing software delivery pipelines. As an initiator and one of the main contributors to this comprehensive and much-needed guidance, we at Aqua aim to help …

Continue reading ›
Node.js-DLL-hijacking-vulnerability

CVE-2022-32223 Discovery: DLL Hijacking via npm CLI

Aqua Team Nautilus recently discovered that all Node.js versions earlier than 16.16.0 (LTS) and 14.20.0 on Windows are vulnerable to dynamic link library (DLL) hijacking if OpenSSL is installed on the host. Attackers can exploit this vulnerability to escalate their privileges and establish persistence in a target …

Continue reading ›
8220 Gang Deploys a New Campaign with Upgraded Techniques

8220 Gang Deploys a New Campaign with Upgraded Techniques

A recent campaign by the 8220 gang, who have been known to exploit the newly discovered critical Confluence vulnerability (CVE-2022-26134), targeted one of our honeypots. This campaign has evolved over time to deliberately target containers. In this game of cat and mouse, the threat actors used some new techniques, …

Continue reading ›

Subscribe to Email Updates

Popular Posts

Filter by Topic

Show more...