Aqua Blog
Expert insight, best practices and advice on cloud native security, trends, threat intelligence and compliance
Kubernetes 1.21

Kubernetes Version 1.21: What You Need to Know

As with every new Kubernetes release there are a great number of new features, however there are a couple of key changes which could have impacts to security and are worth looking at in more details. In addition to the deprecation of PodSecurityPolicies, we’ll also look at some newly promoted features being put in …

Continue reading ›
libbpfgo

How to Build eBPF Programs with libbpfgo

In recent years, I have been I using a project called BCC to compile, load, and interact with my bpf programs. I have recently learned about a better way to build ebpf projects called libbpf. There are a few good resources to use when developing libbpf based programs but getting started can still be quite …

Continue reading ›
2021 Cloud Native Security Trends

Seven Cloud Native Security Trends to Watch in 2021

Cloud native security is a vibrant, fast-moving space. As enterprises across industries continue to accelerate digital initiatives with cloud native tools, security is becoming more critical than ever, and new trends are bound to emerge. To keep you ahead of the curve, here are the top seven developing trends that …

Continue reading ›
vmlinux.h

What is vmlinux.h and Why is It Important for Your eBPF Programs?

eBPF is a powerful and exciting technology that allows developers to add custom code to strategic points in the Linux kernel and interact with it by writing simple C or Go programs. The eBPF programs you write and run can inspect data in the memory of processes they attach to. In order to do so, however, the eBPF …

Continue reading ›
Rory McCune Cloud native security at Aqua

Learning is Easier When You Are Well Hydrated: Why I Joined Aqua

Having just joined Aqua Security feels a lot like a destination on a journey I started back in 2014. I was doing a security architecture review for a company and where I would usually have expected to see some virtual machines or even physical servers (remember those!) instead some of their supporting applications …

Continue reading ›
CyberCenter Blog Image v1

Aqua CyberCenter: Elevating Vulnerability Scanning Beyond the NVD

The National Vulnerability Database (NVD), while a valuable source of vulnerability information, is inadequate for today’s cloud native ecosystem and the teams tasked with protecting it. The complex array of platforms, technologies, and deployment methodologies at play in cloud native environments means that …

Continue reading ›
JDWP Misconfigurations

JDWP Misconfiguration in Container Images and K8s

Java Debug Wire Protocol (JDWP) is a great way to remotely debug applications during development. However, if enabled when shipped to production, hackers can exploit this mistake by running an arbitrary code that allows initial access or privilege escalation in your production environment. Using Aqua’s Dynamic …

Continue reading ›
AWS Graviton Blog Image_2

Protecting Arm-based Container Workloads on AWS Graviton2

Moving at the pace of innovation in cloud native infrastructure, Aqua is announcing support for Amazon services run on the new Amazon Graviton2 processors, built using Arm based technology. Now Aqua customers can take advantage of the high density and cost-effectiveness provided by Arm-powered hosts and devices …

Continue reading ›
Amazon ECS security

Aqua Supports New Amazon ECS Exec Troubleshooting Capability

Aqua has been securing Amazon ECS workloads throughout its evolution and now we are expanding our support to secure Amazon’s new ECS Exec; a simple, secure, and auditable way to execute commands into containers. This new capability extends Aqua’s runtime protection features, including drift prevention, to ensure …

Continue reading ›
Aqua Security 1Bn company

Aqua at Age Five: Recognized Market Leader and $1 Billion Company

Today we reached an important milestone in our 5-year history – in a single funding round we’ve more than doubled our venture funding to date and achieved a valuation of $1Bn, often referred to as “unicorn” status. While I’m thrilled to have reached this milestone with Aqua, it’s not the valuation itself that I’m …

Continue reading ›
Monero Threat Alert

Threat Alert: Monero Miners Target Cloud Native Dev Environments

In September 2020, Aqua’s Team Nautilus detected a campaign that targeted the automated build processes of GitHub and Docker Hub. At that time we notified the affected services and they blocked the attack. Now, this campaign has resurfaced with vengeance. In just four days, the attackers set up 92 malicious Docker …

Continue reading ›