Aqua Blog
Expert insight, best practices and advice on cloud native security, trends, threat intelligence and compliance
Supply Chain Attacks

Threat Alert: Supply Chain Attacks Using Container Images

Team Nautilus, Aqua Security’s threat research team, has uncovered several supply chain attacks that use malicious container images to compromise their victim. These five container images were found on Docker Hub, which we scan daily for signs of malicious activity. The images hijack organizations’ resources to …

Kubernetes 1.22

Kubernetes Version 1.22: Security Features You Need to Know

Even with Kubernetes’ new, longer release cycle in place, it doesn’t seem long since the last version came along with all its new features, but 1.22 is upon us. As ever, there’s an interesting mix of new features that are starting their maturation process as alpha releases and other features that are graduating to …

GitLab Case Study

How GitLab Innovates DevOps Security Using Aqua Trivy

Digital leaders must adapt, scale, and fine-tune their operations and the solutions they provide to their customers to keep up with market demands. GitLab provides a complete DevOps platform in a single application to help developers and engineers across all industries to be successful. With many high-profile …

Trivy

Trivy's Journey: From Personal Project to Open Source Scanner of Choice

Trivy is a comprehensive, easy-to-use open source vulnerability scanner for container images. Since its introduction two years ago, the project has gained a broad following among open source community members. I’m excited to share that it has now become the first container image vulnerability scanner to surpass …

Trivy

Shifting Left: Infrastructure as Code security with Trivy

One of the great security benefits of the move to cloud native development is the increased use of Infrastructure as Code (IaC) to describe computing environments. Once things are described as code, we can shift left and secure our environments before they’re deployed. As a major new feature, the latest version of …

Forum Engineering Case Study

How Forum Engineering Secures its AI Solution with Aqua

Digital transformation is fundamentally changing how organizations compete and engage with customers, even redefining traditional labor-intensive industries. A great example of this is Forum Engineering, a staffing company from Japan, which developed an AI-based Software-as-a-Service solution to stay ahead of the …

Container Security

How Do Containers Contain? Container Isolation Techniques

If you work with containers long enough, you already know that containers should not be considered as security boundaries. In this blog, we’ll explore how different container isolation techniques intend to provide a solution to this problem, and whether their strengths and weaknesses make them a practical choice.

Container Security

Container Isolation: Is a Container a Security Boundary?

One of the fundamental questions in container security, since the early days of Docker, is whether a container constitutes a security boundary. In this first part of a two-blog discussion of containers and isolation, we take a look at the security boundary question, along with key examples. Part II will continue …

Infrastructure as Code

Taking IaC Security to the Next Level: Why TFsec Joined Aqua

Coming from a software engineering background, we built tfsec to help developers like us scan their infrastructure-as-code (IaC) templates and prevent cloud misconfigurations from being deployed. Teams at the world’s leading organizations are now leveraging tfsec to “shift left” and introduce security earlier in …

supply chain attacks

Innovation in the Hands of Threat Actors: Analyzing Supply Chain Attacks

Hot on the heels of highly publicized attacks like those affecting SolarWinds and Codecov, organizations are taking a firm stance on software supply chain security. But in order to be effective at securing the slurry of artifacts that get incorporated into cloud native applications, we must first understand the …

vshield

Detect and Prevent Exploits in Runtime with Vulnerability Shielding

A single vulnerability in one of the code dependencies can put an entire application at risk, yet 48% of organizations knowingly push vulnerable code into production regularly. With a heavy reliance on open source software to build applications, patching a myriad of vulnerabilities has become an extremely hard and …
