Aqua Blog
Expert insight, best practices and advice on cloud native security, trends, threat intelligence and compliance
Vulnerability Management

Vulnerability Management in Container Images from Build to Runtime

When it comes to containerized workloads, resolving the underlying image's security vulnerabilities is paramount to ensuring the safety of your environment. Getting security risk information into the hands of developers quickly and efficiently is key to keeping development cycles as short as possible while …

Tracee Github Action

Detecting Malicious Activity in CI/CD Pipeline with Tracee

With the growing popularity of CI platforms to build software, bad actors are increasingly looking to exploit these environments to target organizations. In our post about the recent Codecov breach, we explored how an attacker was able to get access to credentials from within the CI/CD pipeline. To prevent this …

Aqua Security

Accelerating Our Customers' Cloud Native Journey: Why I Joined Aqua

I’m very excited to join Aqua Security as its Chief Customer Officer, leading the customer success, consulting, customer support and education teams, and helping our customers maximize the value from Aqua’s solutions. Joining from Microsoft, where I led the Azure Cloud and AI services in the AMS, one might ask – …

CIS K8s Benchmark Compliance & Starboard

Automating CIS Kubernetes Benchmark Compliance with Starboard Operator

Last year, we first released Starboard Operator, which automates vulnerability scanning and configuration auditing of Kubernetes workloads. We’re now pleased to announce the latest release (v0.10), which is focused on infrastructure and adds CIS Kubernetes Benchmark testing using kube-bench. The operator …

Codecov breach

Codecov Breach: Lessons Learned from the CI Poisoning Attack

A recent security incident disclosed by Codecov has again placed the spotlight on supply chain attacks. Looking at the details of the incident and how the system operated, it’s clear that organizations should make changes to how they use third party services as part of their Continuous Integration (CI) pipelines. …

K8s Secrets

Why You Shouldn’t Use Config Maps to Store Sensitive Data in K8s

One of the challenges of managing containerized environments is how to store sensitive information that’s needed for the operation of the applications running in those environments. Kubernetes provides a built-in secrets object type, but a common comment about them is that, from a technical standpoint, they’re just …

Azure Configuration Challenges

Most Common Azure Configuration Issues and How to Treat Them

With hundreds of products and cloud services, Microsoft Azure Cloud offers significant capabilities, but it can be a formidable task to keep them all configured properly. However, there are a few things you can do right now to ensure the health and safety of your infrastructure.


The Challenges of Uniquely Identifying Your Images

One of the challenges of container security is ensuring that the image you’re getting is exactly what you expect it to be. Both from a security and consistency perspective, it’s important to ensure there are no surprises in what you’re downloading. Docker image tags, whilst convenient, can’t always be relied on to …

Kubernetes 1.21

Kubernetes Version 1.21: What You Need to Know

As with every new Kubernetes release, there are a great number of new features; however, there are a couple of key changes that could have an impact on security and are worth looking at in more detail. In addition to the deprecation of PodSecurityPolicies, we’ll also look at some newly promoted features being put in …


How to Build eBPF Programs with libbpfgo

In recent years, I have been using a project called BCC to compile, load, and interact with my BPF programs. I have recently learned about a better way to build eBPF projects called libbpf. There are a few good resources to use when developing libbpf-based programs but getting started can still be quite …

2021 Cloud Native Security Trends

Seven Cloud Native Security Trends to Watch in 2021

Cloud native security is a vibrant, fast-moving space. As enterprises across industries continue to accelerate digital initiatives with cloud native tools, security is becoming more critical than ever, and new trends are bound to emerge. To keep you ahead of the curve, here are the top seven developing trends that …

