Aqua Blog
Expert insight, best practices and advice on cloud native security, trends, threat intelligence and compliance
Quantifying the Business Value of CNAPP: Total Economic Impact Study

Quantifying the Business Value of CNAPP: Total Economic Impact Study

Businesses have been embracing cloud native technologies because of their elasticity and flexibility. They allow enterprises to quickly scale and develop applications that are built with services packaged in containers, deployed as microservices and managed on elastic infrastructure through agile DevOps processes and …

Continue reading ›
Navigating Container Security within the FedRAMP Guidelines

Navigating Container Security within the FedRAMP Guidelines

The digital transformation journey of many organizations heavily leans on cloud technologies. As they migrate to the cloud, adhering to stringent security protocols becomes paramount. Enter FedRAMP(R) (Federal Risk and Authorization Management Program). It's a government-wide initiative designed to provide a …

Continue reading ›
The Ticking Supply Chain Attack Bomb of Exposed Kubernetes Secrets

The Ticking Supply Chain Attack Bomb of Exposed Kubernetes Secrets

Exposed Kubernetes secrets pose a critical threat of supply chain attack. Aqua Nautilus researchers found that the exposed Kubernetes secrets of hundreds of organizations and open-source projects allow access to sensitive environments in the Software Development Life Cycle (SDLC) and open a severe supply chain attack …

Continue reading ›
SEC vs. SolarWinds: A Cybersecurity Game Changer for CISOs

SEC vs. SolarWinds: A Cybersecurity Game Changer for CISOs

As winter winds swept across the US this month an even colder wind swept through offices of organizations everywhere, as the SEC brought charges against SolarWinds Corporation and its Chief Information Security Officer (CISO). With one simple indictment the lives of CISOs everywhere changed (even if they may not know …

Continue reading ›
50 Shades of Vulnerabilities: Uncovering Flaws in Open-Source Vulnerability Disclosures

50 Shades of Vulnerabilities: Uncovering Flaws in Open-Source Vulnerability Disclosures

Aqua Nautilus researchers evaluated the vulnerability disclosure process for tens of thousands of open-source projects and found flaws in the process. These flaws allowed harvesting the vulnerabilities before they were patched and announced. This could enable attackers to exploit security holes before the project's …

Continue reading ›
Scanning KBOM for Vulnerabilities with Trivy

Scanning KBOM for Vulnerabilities with Trivy

Early this summer we announced the release of Kubernetes Bills of Material (KBOM) as part of Trivy, our all in one, popular open source security scanner. In the blog we discussed how KBOM is the manifest of all the important components that make up your Kubernetes cluster: Control plane components, Node Components, …

Continue reading ›
Looney Tunables Vulnerability Exploited by Kinsing

Looney Tunables Vulnerability Exploited by Kinsing

Researchers from Aqua Nautilus have successfully intercepted Kinsing's experimental incursions into cloud environments. Utilizing a rudimentary yet typical PHPUnit vulnerability exploit attack, a component of Kinsing's ongoing campaign, we have uncovered the threat actor's manual efforts to manipulate the Looney …

Continue reading ›
A Nightmare on C- Suite: 6 Cloud Security Slashers in Your Organization

A Nightmare on C- Suite: 6 Cloud Security Slashers in Your Organization

In honor of October, known as National Cyber Security Month and more notably as today is Halloween, we thought we would have some fun with our blog and give you a tale of cyber security terror! 

Deep within the cryptic corners of a cluttered server room, the fate of your business teeters on a tantalizing tightrope, …

Continue reading ›
Exploited SSH Servers Offered in the Dark web as Proxy Pools

Exploited SSH Servers Offered in the Dark web as Proxy Pools

Aqua Nautilus researchers have shed brighter light on a long-standing threat to SSH in the context of the cloud. More specifically, the threat actor harnessed our SSH server to be a slave proxy and pass traffic through it. In this blog, we will explain this threat, demonstrate how attackers exploit SSH, what actions …

Continue reading ›
Ensuring Business Continuity at Aqua While Israel is at War

Ensuring Business Continuity at Aqua While Israel is at War

In a world fraught with uncertainties, global companies must be prepared to ensure continuity of operations, particularly in the face of the unexpected. With locations in the US, Israel, Singapore, India, Australia and London, we understand the importance of robust business continuity planning. Following the brutal …

Continue reading ›
New Vulnerability in curl and libcurl Could Lead to Heap Buffer Overflow

New Vulnerability in curl and libcurl Could Lead to Heap Buffer Overflow

A new high severity vulnerability (CVE-2023-38545) was published today along with a technical blog around the popular open source project, curl. This vulnerability could potentially, under various conditions, cause a heap overflow, which might lead to unexpected behavior, crashes, or potentially code execution. …

Continue reading ›