Aqua Blog

Steven Zimmerman

Steven Zimmerman
Steven Zimmerman is a Sr. Product Marketing Manager at Aqua Security, specializing in vulnerability management and dynamic threat analysis. He is focused on deriving a clear vision for efficient DevSecOps among the world’s leading enterprises and organizations adopting security best practices across their cloud native application ecosystem.
A Brief Guide to Supply Chain Security Best Practices

A Brief Guide to Supply Chain Security Best Practices

With the rise in attacks targeting the supply chain of cloud native applications, it’s important to understand how you can prepare for and stifle risks that enter your environments through third-party packages and tools. This post outlines the top software supply chain security best practices that should be included …

Continue reading ›
How Thoughtworks Manages Cloud Security and Container Vulnerabilities

How Thoughtworks Manages Cloud Security and Container Vulnerabilities

Many companies, in an effort to modernize their software and cloud tech stacks, are beginning to confront the challenges of managing security across multiple cross-functional, yet independent, teams - each with diverse tech stacks. One such example is Thoughtworks, a leading global technology consultancy that works …

Continue reading ›
How GitLab Innovates DevOps Security Using Aqua Trivy

How GitLab Innovates DevOps Security Using Aqua Trivy

Digital leaders must adapt, scale, and fine-tune their operations and the solutions they provide to their customers to keep up with market demands. GitLab provides a complete DevOps platform in a single application to help developers and engineers across all industries to be successful. With many high-profile security …

Continue reading ›
How Forum Engineering Secures its AI Solution with Aqua

How Forum Engineering Secures its AI Solution with Aqua

Digital transformation is fundamentally changing how organizations compete and engage with customers, even redefining traditional labor-intensive industries. A great example of this is Forum Engineering, a staffing company from Japan, which developed an AI-based Software-as-a-Service solution to stay ahead of the …

Continue reading ›
Innovation in the Hands of Threat Actors: Analyzing Supply Chain Attacks

Innovation in the Hands of Threat Actors: Analyzing Supply Chain Attacks

Hot on the heels of highly publicized attacks like those affecting Solarwinds and Codecov, organizations are taking a firm stance on software supply chain security. But in order to be effective at securing the slurry of artifacts that get incorporated into cloud native applications, we must first understand the enemy. …

Continue reading ›