Aqua Blog
Expert insight, best practices and advice on cloud native security, trends, threat intelligence and compliance
Kubernetes Vulnerability Security threat

Threat Alert: Market-First Container Image Built to Attack Kubernetes Clusters

Aqua’s Team Nautilus has uncovered a container image that, for the first time, allows bad actors to find and exploit vulnerabilities in Kubernetes clusters. The attackers propagate this malware through a Docker Hub lookalike account intended to dupe developers into downloading malicious images. To the best of our …

Continue reading ›
CSPM Azure Remediations

Auto-Remediation for Secure Configuration in Azure Cloud

Each day, Aqua monitors millions of cloud infrastructure changes for misconfigurations, and control-plane events for security issues or malicious activity in our users’ cloud accounts. But we’ve learned that just identifying misconfigurations is not enough to protect cloud assets in a modern fast-paced environment. …

Continue reading ›
Aqua Security 5.3 Dashboard

Operationalize Your Cloud Native Security with Aqua’s New Dashboard

Utilizing advanced cloud native tools without the ability to effectively unify, track, and display current conditions can create significant gaps in your security coverage. By ensuring complete visibility into your security posture across your environment, you can quickly identify key issues and prioritize them for …

Continue reading ›
kube-enforcer

Runtime Protection for K8s Workloads Using a Mutating Admission Controller

Although Kubernetes has certainly matured into a well-adopted container orchestrator platform, it remains complex to manage and secure. Coupling this with a growing attack surface and bad actors trying to exploit it, organizations must implement a comprehensive approach to securing their K8s applications. Aqua aims …

Continue reading ›
Object labels Blog Image v2

Taking Advantage of Object Labels while Controlling the Human Factor

The use of object labels has grown into an industry best practice, as labels allow you to apply metadata to objects like images, deployments, containers, volumes, networks, and more. They can be short and technical, but they can also be more descriptive. However, even with the use of automation for creating labels, …

Continue reading ›
Kubernetes Security with Starboard Operator

Automating Kubernetes Security Reporting with Starboard Operator by Aqua

Back in June 2020, we released Starboard – an open source toolkit that integrates security tools into a Kubernetes environment. We’re now happy to announce a new Starboard Operator that automates the generation of security reports in your K8s cluster. Using Starboard Operator, you can rely on the tools you’re …

Continue reading ›
KSPM Kubernetes Security Posture Management

Introducing KSPM by Aqua: Kubernetes Security Posture Management

With the rapid adoption of Kubernetes, an unforeseen consequence has emerged — there simply aren’t enough trained K8s experts to go around, let alone K8s security experts. Kubernetes environments have increased in size and complexity, expanding its attack surface, and ultimately heightening its susceptibility to …

Continue reading ›
CVE-2020-15157 Containerd

CVE-2020-15157: Vulnerability in Containerd Can Leak Cloud Credentials

A new vulnerability was found in containerd, located in the container image-pulling process. The new CVE includes manipulation of the image manifest, allowing attackers to craft an image that can leak the host’s registry or cloud credentials when pulled from a registry. This leak occurs even before the image is …

Continue reading ›
Rules-based registry scanning

Scanning Registries at Scale with Rules-based Image Pulls

Let’s face it, the demands of modern application development put tremendous pressure on Dev. Just to keep up with production demands, most developers have to keep numerous images available in their registries. These images include production images, images being built and pushed regularly, recent “known good” …

Continue reading ›
Github security scanning with trivy

Find Image Vulnerabilities Using GitHub and Aqua Security Trivy Action

Modern-day CI/CD pipelines enable new security approaches and transform the DevOps landscape to accommodate a variety of safety nets into the software supply chain. GitHub Actions is an example of one of those safety nets, making it possible to perform a variety of pipeline steps (build, test, and deploy) from …

Continue reading ›
Hacktoberfest 2020

Hacktoberfest 2020: Celebrate Open Source with Aqua!

October is upon us, and Hacktoberfest is here again! It’s the month-long celebration of something we all love – open source. Our second annual Hacktoberfest officially kicks off now!

In honor of Hacktoberfest, we want to recognize our community and reward your contributions to our open source projects during …

Continue reading ›