Two high-severity CVEs in the SaltStack platform were published last week by researchers at F-Secure. These vulnerabilities can enable remote code execution (RCE), which lets attackers remotely execute commands on the Salt leader node. This results in a full compromise of the host and can expose sensitive …

Windows containers have recently been gaining a lot of popularity, especially in the delivery of .NET applications and SQL server containers. Aqua Security has been working diligently with the Google Cloud team to support the launch of the new Windows GKE. This allows Aqua users to secure their GKE deployments …

This blog was co-written with Idan Revivo, head of Aqua's cyber research team

Container images are a growing path for external code to enter an organization. Docker has simplified image workflow in order to encourage adoption by developers, so anyone can pull and run images that were built and pushed to Docker Hub, …

Lately we’ve been witnessing a rise in the number of attacks that target container environments. We’ve been tracking an organized attack campaign that targets misconfigured open Docker Daemon API ports. This persistent campaign has been going on for months, with thousands of attempts taking place nearly on a daily …

In our view, making security tools easy to use is one of the best ways to increase adoption and help end users improve the security of their deployments. One of the strengths of our open source vulnerability scanner for container images, Trivy, is that it’s very easy to install and to integrate into different …

Drift prevention is the cloud native answer to malware, worms and zero-day exploits. It’s also one of the best things to happen to security since the firewall, and finally a departure from the defeatist “we can’t really stop attacks so let’s not try” approach that’s been plaguing the mindset of security …

Our customers challenged us to add Oracle Cloud Infrastructure (OCI) security to the list of public clouds that Aqua CSPM (aka CloudSploit) covers – and make it seamless. That meant giving our customers a singular view into the public cloud platforms they use, while maintaining the same level of control with …

To harness the power of a secure and mature Kubernetes platform, to increase their development teams’ productivity, and to lower costs, organizations choose to use Red Hat OpenShift. To achieve these goals, many deploy Red Hat OpenShift on-premise, which requires allocating resources to manage the infrastructure …

osquery is a SQL powered operating system instrumentation, monitoring, and analytics tool that exposes an operating system as a relational database. Using SQL, you can run queries to gain the status of your entire infrastructure. What’s cool about osquery is how easy it is to use the SQL query interface. kube-query …

The Aqua Research team has identified a new attack vector that points to an evolution in attacks’ techniques and capabilities. In these attacks, the attackers leverage containers as an entry point to discover and spread to other resources used within cloud accounts. The attackers deployed a clean Ubuntu container, …