Aqua Blog
Experts insight, best practices and advice on cloud native security, trends, threat intelligence and compliance
Hybrid Cloud security

Securing Hybrid Cloud Workloads on Google Anthos

There are major shifts happening around container technology. We have seen ongoing improvements in automation tooling and changes as fully containerized workloads move into production. Companies are often running more than one production Kubernetes cluster at a time.  DevOps and operations teams, subsequently, have …

Continue reading ›
Container Image Scanning

Scanning Image Layers, Prometheus, and Harbor Integrations

One of the key challenges in container image scanning is understanding where a vulnerability originated in an image, and who can fix it. Image layers allow us to do that, and Aqua’s scanner now allows us to pinpoint discovered vulnerabilities to a specific layer.

Continue reading ›
Docker image vulnerability scanning

Crypto-Mining Malware Outsmarting Image Scanners

In previous crypto-mining attacks, we observed hackers investing little to no effort in hiding their malicious activities. They just ran the malicious container with all of its scripts and configuration files in clear text. This made the analysis of their malicious intent fairly easy.

Continue reading ›
container security

Crypto-mining Attack: The Container Security Demo that Went Terribly Right

Sometimes life, a.k.a., the internet, throws us a bone when it comes to running demonstrations on security tools.   

Continue reading ›
Docker Image Scanning

Docker Image Scanning in your Codefresh Pipeline with Aqua

There are many benefits to implementing CI/CD platforms, such as enabling fast and frequent release cycles of software and applications, but with great speed comes great responsibility. It is crucial to add security controls around container image creation and deployment to ensure that your applications are …

Continue reading ›
Kubernetes Security

CVE-2019-11246: Another kubectl Path Traversal Vulnerability Disclosed

A new vulnerability (CVE-2019-11246) was disclosed that enables path traversal in kubectl, the popular command line interface for running commands on Kubernetes clusters. What’s interesting about this CVE is that we’ve already seen two previous variations of the same vulnerability disclosed and patched. Read on to …

Continue reading ›
Serverless Runtime

Performance-Optimized Runtime Protection for Serverless Functions with Aqua

In order to protect serverless functions while they are running, you need to consider the very short execution times and ensure that you’re not slowing down applications or increasing cloud usage costs. In Aqua CSP 4.2, we’ve now introduced advanced runtime protection that does just that, while complementing our …

Continue reading ›
Aqua Vulnerability Shield

Mitigating Container Image Vulnerabilities with Aqua Vulnerability Shield™

Managing known vulnerabilities in container images has been one of the first issues to get the attention of organizations that adopt containers. Knowing what vulnerabilities (CVEs) lurk in your image code is important, but fixing or patching the images that contain vulnerabilities has been a challenge, since it’s …

Continue reading ›
Identity management Aqua cloud native security

Simplifying Access to the Aqua Platform with Okta

Enterprise-grade solutions are expected to integrate with existing enterprise infrastructure, including providing SSO to authenticate users without requiring separate definitions of user identity and access credentials.

Continue reading ›
Devsecops pipeline

Shift Security Left, Then Shift Up

Many of you may be familiar with the shift left security approach in which security is built in at an early stage of the application development life cycle. It is easier and more effective to do it early, rather than discover security issues later in the game, when applications are already deployed. When issues are …

Continue reading ›
Kubernetes RBAC

Kubernetes RBAC: Asking for Forgiveness or Getting Permission

This blog is dedicated to my Mum. She was a leading psychiatrist who loved learning and traveling. She was a huge inspiration to me. I think she would be proud that I’m pursuing my passion of traveling around the world teaching what I love.

I want to start with a quote attributed to another inspiring woman, Grace …

Continue reading ›