Aqua Blog
Expert insight, best practices and advice on cloud native security, trends, threat intelligence and compliance
The Great Escape: A Blast Radius Analysis of Container Attacks

The Great Escape: A Blast Radius Analysis of Container Attacks

In 2021, container attacks have been on the rise. We observed numerous attacks that were designed to escape container environments to the underlying host, increasing the impact of the attack. But how much damage can be caused when an attacker manages to escape a container? To answer this question, we conducted an …

Continue reading ›
Key Takeaways From KubeSec: Our 6th Enterprise Summit for K8s Security

Key Takeaways From KubeSec: Our 6th Enterprise Summit for K8s Security

This month, the KubeSec Enterprise vSummit brought together hundreds of DevOps and security practitioners to discuss the state of cloud native security and share best practices. As with previous events, the focus was on enterprise experiences in securing real-world deployments involving containers, Kubernetes, …

Continue reading ›
Key Requirements for CWPP (Cloud Workload Protection Platforms)

Key Requirements for CWPP (Cloud Workload Protection Platforms)

Cloud Workload Protection Platforms (CWPPs), now part of the emerging category of Cloud Native Application Protection Platforms (CNAPPs), are designed to secure different types of cloud workloads — such as VMs, containers, and serverless functions — deployed in public, hybrid, or multi-cloud environments. In this …

Continue reading ›
Unveiling CNDR: eBPF-Based Cloud Native Detection and Response

Unveiling CNDR: eBPF-Based Cloud Native Detection and Response

Today, Aqua announced the addition of a new, industry-leading detection and response capability to its Cloud Native Application Protection Platform (CNAPP), called Cloud Native Detection and Response (CNDR). CNDR uses real-time behavioral indicators from Aqua’s cyber research team, Nautilus, to identify zero-day …

Continue reading ›
Tracee Runtime Security Series: Easy Installation on Kubernetes

Tracee Runtime Security Series: Easy Installation on Kubernetes

Despite best efforts to harden Kubernetes environments, prevention will never be enough and attackers are finding ways to evade shift-left and other preventative capabilities. It is critical to be able to detect and respond in real time to attacks within Kubernetes clusters. Tracee, an open source runtime security …

Continue reading ›
The Story of Tracee The Path to Runtime Security Tool

The Story of Tracee: The Path to Runtime Security Tool

eBPF technology is seeing strong growth, being widely adopted in the cloud native ecosystem for monitoring, networking, and security goals. At Aqua, along with being used in commercial products, eBPF powers our open source project Tracee to detect events in running containers.

Continue reading ›
Azurescape: What You Need to Know

Azurescape: What You Need to Know

Microsoft recently disclosed a security vulnerability in its Azure Container Instances (ACI) service, referred to as Azurescape. No actual exploitations were reported and, thankfully, no Azure customers were affected by this vulnerability. To clear any doubts around risks to current environments, in this post we …

Continue reading ›
A Brief Guide to Supply Chain Security Best Practices

A Brief Guide to Supply Chain Security Best Practices

With the rise in attacks targeting the supply chain of cloud native applications, it’s important to understand how you can prepare for and stifle risks that enter your environments through third-party packages and tools. This post outlines the top software supply chain security best practices that should be …

Continue reading ›
Thoughtworks Case Study

How Thoughtworks Manages Cloud Security and Container Vulnerabilities

Many companies, in an effort to modernize their software and cloud tech stacks, are beginning to confront the challenges of managing security across multiple cross-functional, yet independent, teams - each with diverse tech stacks. One such example is Thoughtworks, a leading global technology consultancy that works …

Continue reading ›
Improving Kubernetes Security: Work on Your MUT

Improving Kubernetes Security: Work on Your MUT

Every organization has a limited amount of time to spend on security, and sometimes it seems like there’s a never-ending panoply of things that need attention. In such a world, how do you pick where to start? A concept that I find useful is focusing on improving your “mess-up tolerance”, or MUT. As part of my …

Continue reading ›
Aqua open source license

Simplifying Our Open Source Contributor License Agreement

At Aqua, we develop leading open source security tools, which are widely adopted by the cloud native community and industry at large. To us, open sourcing our technology is more than just making its source code available, it’s about making the project widely used and encouraging people to participate. Beyond using …

Continue reading ›

Subscribe to Email Updates

Popular Posts

Filter by Topic

Show more...