Aqua Blog
Expert insight, best practices and advice on cloud native security, trends, threat intelligence and compliance
Starboard integration with Lens Kubernetes IDE

Discover Security Risks with Starboard Extension for Lens Kubernetes IDE

When the Mirantis team announced the Lens Extensions API back in November 2020, we were excited to experiment with it and build an extension for Starboard, our open source Kubernetes native security toolkit. True to DevSecOps principles, the integration makes security reports accessible within Lens IDE, giving you …

Continue reading ›
Liz Rice

Four Amazing Years at Aqua!

What were you doing four years ago?

Perhaps in 2017 you were, like many people, entirely unaware of the way that containers and cloud computing would take the world by storm. Back then, there were companies just taking baby steps towards containerization – don’t feel bad if you were running one container per …

Continue reading ›
Forensics in Cloud Native Environments

Cloud Native Forensics: Challenges and Best Practices

As no individual, business, or government is immune from being the victim of the next large-scale cyberattack, organizations need capabilities to help identify, contain, and investigate what seems like an inevitable incident. By performing forensic analysis, you can gain and leverage valuable insights to take the …

Continue reading ›
Kubernetes Pod Security policy

Kubernetes Pod Security Policy Deprecation: All You Need to Know

To improve your Kubernetes security, you need to control and limit what pods can be created and deployed in your environment. For this, Kubernetes has provided a beta feature called Pod Security Policy (PSP), which soon will be deprecated and replaced with a standard called Pod Security Standards (PSS). In this …

Continue reading ›
Kubernetes vulnerability scanning

Vulnerability Scanning for Kubernetes Applications: Why and How

If you’re looking to improve the security posture of your Kubernetes applications, you can get a lot of bang for your buck with vulnerability scanning. In this blog, I’ll talk about the fundamentals of scanning container images: how to pick a vulnerability scanner, when to use it in the application pipeline, and …

Continue reading ›
TeamTNT Campaign Docker images

Threat Alert: TeamTNT Pwn Campaign Against Docker and K8s Environments

Last week, TeamTNT launched a new campaign against Docker and Kubernetes environments. Using a collection of container images that are hosted in Docker Hub, the attackers are targeting misconfigured docker daemons, Kubeflow dashboards, and Weave Scope, exploiting these environments in order to steal cloud …

Continue reading ›
Neat Commerce Case Study

How Neat Commerce Ensures Regulatory Compliance with Aqua

The challenges of maintaining security and numerous compliance requirements are a very steep hill to climb for international business services providers. The latest example comes from an organization in Hong Kong called Neat, this financial services technology company has several offerings, including secure payment …

Continue reading ›

Acting on Cloud Native Security Data with Splunk

With no shortage of attacks targeting the cloud native stack, having a holistic view of your environment is paramount to contain and mitigate the attack, as well as to perform forensic analysis after the fact. In order to provide you with deeper insights into malicious and suspicious activity in your cloud native …

Continue reading ›
cloud native security myths

Debunking the Top Cloud Native Security Myths

There is no shortage of myths in cloud native security, and we made our own list of the top seven cloud native security myths. Achieving compliance in the cloud and cloud providers’ responsibilities are the top two from that list.
Continue reading ›
Starboard Operator

Automating Configuration Auditing with Starboard Operator By Aqua

Back in November 2020, we introduced the Starboard Operator, which automates vulnerability scanning in a Kubernetes environment. We’re now pleased to announce the latest release (release v0.9) which adds configuration auditing using Polaris. This means that the Operator can automatically check for weaknesses in the …

Continue reading ›
Aqua CSPM BYOK

Aqua CSPM Takes BYOK Further with Bring Your Own (Storage) Bucket

BYOK (bring your own key) is a trusted method for restricting access to data through encryption keys provided by end-users. We took this concept to the next level by adding support for “bring your own bucket” (BYOB). This new model represents an innovative, cloud native approach for providing users with better …

Continue reading ›