Aqua Blog
Expert insight, best practices and advice on cloud native security, trends, threat intelligence and compliance
GitLab Case Study

How GitLab Innovates DevOps Security Using Aqua Trivy

Digital leaders must adapt, scale, and fine-tune their operations and the solutions they provide to their customers to keep up with market demands. GitLab provides a complete DevOps platform in a single application to help developers and engineers across all industries to be successful. With many high-profile …

Continue reading ›

Trivy's Journey: From Personal Project to Open Source Scanner of Choice

Trivy is a comprehensive, easy-to-use open source vulnerability scanner for container images. Since its introduction two years ago, the project has gained a broad following among open source community members. I’m excited to share that it has now become the first container image vulnerability scanner to surpass …

Continue reading ›

Shifting Left: Infrastructure as Code security with Trivy

One of the great security benefits of the move to cloud native development is the increased use of Infrastructure as Code (IaC) to describe computing environments. Once things are described as code, we can shift left and secure our environments before they’re deployed. As a major new feature, the latest version of …

Continue reading ›
Forum Engineering Case Study

How Forum Engineering Secures its AI Solution with Aqua

Digital transformation is fundamentally changing how organizations compete and engage with customers, even redefining traditional labor-intensive industries. A great example of this is Forum Engineering, a staffing company from Japan, which developed an AI-based Software-as-a-Service solution to stay ahead of the …

Continue reading ›
Container Security

How Do Containers Contain? Container Isolation Techniques

If you work with containers long enough, you already know that containers should not be considered as security boundaries. In this blog, we’ll explore how different container isolation techniques intend to provide a solution to this problem, and whether their strengths and weaknesses make them a practical choice.

Continue reading ›
Container Security

Container Isolation: Is a Container a Security Boundary?

One of the fundamental questions in container security, since the early days of Docker, is whether a container constitutes a security boundary. In this first part of a two-blog discussion of containers and isolation, we take a look at the security boundary question, along with key examples. Part II will continue …

Continue reading ›
Infrastructure as Code

Taking IaC Security to the Next Level: Why TFsec Joined Aqua

Coming from a software engineering background, we built tfsec to help developers like us scan their infrastructure-as-code (IaC) templates and prevent cloud misconfigurations from being deployed. Teams at the world’s leading organizations are now leveraging tfsec to “shift left” and introduce security earlier in …

Continue reading ›
supply chain attacks

Innovation in the Hands of Threat Actors: Analyzing Supply Chain Attacks

Hot on the heels of highly publicized attacks like those affecting Solarwinds and Codecov, organizations are taking a firm stance on software supply chain security. But in order to be effective at securing the slurry of artifacts that get incorporated into cloud native applications, we must first understand the …

Continue reading ›

Detect and Prevent Exploits in Runtime with Vulnerability Shielding

A single vulnerability in one of the code dependencies can put an entire application at risk, yet 48% of organizations knowingly push vulnerable code into production regularly. With a heavy reliance on open source software to build applications, patching a myriad of vulnerabilities has become an extremely hard and …

Continue reading ›
Docker Security Best Practices

Top 20 Docker Security Best Practices: Ultimate Guide

While Docker has become synonymous with containers, various container tools and platforms have emerged to make the process of developing and running containers more efficient. Still, a lot of the same principles around Docker security apply for protecting container-based applications built with other tools as well. …

Continue reading ›
CIS Benchmark framework

What’s New in the Docker and Kubernetes CIS Benchmarks

One of the challenges with container security and its standards is keeping current with new releases and products. New versions of the Docker and Kubernetes CIS Benchmarks were released recently to capture changes in the new versions of those projects, both to keep things current and to expand coverage to help …

Continue reading ›

Subscribe to Email Updates

Popular Posts

Filter by Topic

Show more...