The complexity of cloud environments means that there is a virtually infinite list of potential security risks and vulnerabilities that could arise within cloud infrastructure or workloads. That said, some cloud security threats are more prevalent than others – and knowing which risks and vulnerabilities are trending …
Securing containerized applications demands a multi-layered strategy that spans the entire lifecycle from development to production, a challenge Aqua has spent nearly a decade mastering. Aqua’s Container Security solution provides full lifecycle protection by identifying vulnerabilities early in the build phase, …
Every attack leaves a trail, but in containerized environments, this trail can evaporate before you even realize you have been attacked. These environments bring new challenges for security teams, including an expanding attack surface. Containers, while incredibly powerful, are short-lived, and attackers exploit this …
Azure Container Apps (ACA) is a serverless platform for scalable containerized applications, while abstracting the underlying infrastructure. Since it runs without providing access to its underlying operating system, it has inherent security benefits, but it also presents a challenge for security and compliance tools …
Implementing Kubernetes securely can be a daunting task. Fortunately, there are tools in the K8s toolshed that provide out-of-the-box solutions using a single click. One such tools is OPA Gatekeeper. It is a great out-of-the-box security checkpoint to enforce security policies on Kubernetes. But are users using it …
In 2025, cloud native security is set to undergo transformative progress. As Chief Information Security Officer at Aqua, I’ve seen how rapidly evolving threats and operational demands are driving organizations to redefine their approach to security. The focus is no longer just on adapting to challenges—it’s about …
In this research, we uncovered several vulnerabilities and security flaws within the Prometheus ecosystem. These findings span across three major areas: information disclosure, denial-of-service (DoS), and code execution. We found that exposed Prometheus servers or exporters, often lacking proper authentication, …
From Theory to Practice: How to Make DevSecOps Work in Your Organization
Houston, we have a problem: implementing DevSecOps isn’t as straightforward as it seems.
DevSecOps has redefined security in modern software development, becoming the benchmark for organizational success. By embedding security into every phase of the development lifecycle, organizations can deploy faster and …
Aqua Nautilus researchers uncovered a new and widespread Distributed Denial-of-Service (DDoS) campaign orchestrated by a threat actor named Matrix. Triggered by activities detected on our honeypots, this investigation dives deep into Matrix’s methods, targets, tools, and overall goals.
To keep up with the ever-evolving world of cybersecurity, Aqua Nautilus researchers deploy honeypots that mimic real-world development environments. During a recent threat-hunting operation, they uncovered a surprising new attack vector: threat actors using misconfigured servers to hijack environments for streaming …
The new Aqua Hub update is designed to take the headache out of vulnerability management, addressing common challenges like alert overload and data consistency issues. With this update, teams get a clean, streamlined view of vulnerabilities that cuts through the noise, so they can focus on the critical issues without …