Aqua Blog
Experts insight, best practices and advice on cloud native security, trends, threat intelligence and compliance
Serverless Security

Performance-Optimized Runtime Protection for Serverless Functions with Aqua

In order to protect serverless functions while they are running, you need to consider the very short execution times and ensure that you’re not slowing down applications or increasing cloud usage costs. In Aqua CSP 4.2, we’ve now introduced advanced runtime protection that does just that, while complementing our …

Continue reading ›
VulnerabilitySheildBlog-F1

Mitigating Container Image Vulnerabilities with Aqua Vulnerability Shield™

Managing known vulnerabilities in container images has been one of the first issues to get the attention of organizations that adopt containers. Knowing what vulnerabilities (CVEs) lurk in your image code is important, but fixing or patching the images that contain vulnerabilities has been a challenge, since it’s …

Continue reading ›
Identity management Aqua cloud native security

Simplifying Access to the Aqua Platform with Okta

Enterprise-grade solutions are expected to integrate with existing enterprise infrastructure, including providing SSO to authenticate users without requiring separate definitions of user identity and access credentials.

Continue reading ›
Devsecops pipeline

Shift Security Left, Then Shift Up

Many of you may be familiar with the shift left security approach in which security is built in at an early stage of the application development life cycle. It is easier and more effective to do it early, rather than discover security issues later in the game, when applications are already deployed. When issues are …

Continue reading ›
Kubernetes RBAC

Kubernetes RBAC: Asking for Forgiveness or Getting Permission

This blog is dedicated to my Mum. She was a leading psychiatrist who loved learning and traveling. She was a huge inspiration to me. I think she would be proud that I’m pursuing my passion of traveling around the world teaching what I love.

I want to start with a quote attributed to another inspiring woman, Grace …

Continue reading ›
IoT security

Building IoT Applications with Containers

Docker and Arm Announcement

At DockerCon earlier this month, Docker and Arm announced a joint venture in which new Docker-based solutions will be available to the Arm ecosystem. Docker and Arm touted this synergy as a way for developers to leverage containers, both remote and on-premises, in an easier way. There …

Continue reading ›
Attending-KubeCon-Blog-650_315_1

Real-World Enterprise Security Experience at KubeSec Summit

For the second time, Aqua will host the KubeSec Enterprise Summit next week, together with our co-hosts AWS, Google Cloud, Microsoft Azure, and Red Hat. The event is co-located with KubeCon/CloudNativeCon in Barcelona and will take place on Monday, May 20th. Unlike other co-located events, this full day program …

Continue reading ›
Docker Image Vulnerability Scanning

CVE-2019-5021: Alpine Docker Image ‘null root password’ Vulnerability

A new vulnerability that impacts Alpine Docker images was published last week. The vulnerability is due to the ‘root’ user password which is set, by default, to NULL on Alpine Docker images from version 3.3 or higher.

Continue reading ›
Kubernetes operator

Aqua Operator: Automating Security for Kubernetes

Aqua recently developed a Kubernetes Operator that was successfully tested and validated by Red Hat standards for integration and supportability. Before we tell you about our new OpenShift-certified Operator, let’s get some context about what an Operator is.

Continue reading ›
container security

Vulnerabilities in the Container Ecosystem: A Brief History

Now that containers have been around for a few years and have had their share of disclosed vulnerabilities, it’s time to revisit some of the more interesting ones and see if there’s a recurring theme or any underlying trend to highlight.

Continue reading ›
Docker_Hub_Incident_2nologo

Docker Hub Unauthorized Access Incident: What You Should Know

A few days ago, Docker discovered that a database holding the credentials of some 190,000 Docker Hub accounts was exposed to unauthorized access (about 5% of all Docker Hub accounts). We’ve been getting questions from customers on this, so I wanted to set the record straight on what we know and what we recommend …

Continue reading ›