For the past few years, I’ve been dedicating my career to helping developers improve their skills and discover useful tools and communities. As the industry is moving from customer-driven to community-focused development, Aqua is embracing this shift. I’m excited to take on the role of Aqua’s developer advocate to …
One of the advantages of automated CI/CD pipelines is that they’re a great place to implement regular security controls and checks. Using GitHub Actions, it’s easy to improve the security of your containers by automating vulnerability scanning and digital signing of container images on a regular basis. In this post, …
Aqua Security’s open source project Trivy now includes scanning of AWS CloudFormation templates to help developers better identify and remediate security issues within infrastructure as code (IaC) templates. Building on the technology and rule sets behind our popular open source project tfsec, Trivy now allows …
We’re lucky to have an outstanding open source community with contributors who help us build leading open source cloud native security tools. Over the years, the community has in many ways shaped the direction of what we do. To drive this engagement further, we’re excited to launch our Slack workspace to make it …
As an open source runtime security tool, Tracee provides a base rule set that can detect a variety of attacks. However, there’s often the need to add new rules either to contribute to the project or to provide specific rules for your environment. Because Tracee allows for new rules to be written in Rego and Golang, …
A standard piece of security advice is to reduce the size of your container images, usually by using statically compiled binaries in a scratch or distroless container. However, that complicates container vulnerability scanning, because it becomes impossible to determine the versions of software installed in a …
A great way to get started with runtime security in your Kubernetes environments is using Tracee, an open source runtime security and forensics tool for Linux. But as with any alerting and monitoring service, it’s necessary to send alerts to a central point to help operations teams keep track of what’s happening …
Despite best efforts to harden Kubernetes environments, prevention will never be enough and attackers are finding ways to evade shift-left and other preventative capabilities. It is critical to be able to detect and respond in real time to attacks within Kubernetes clusters. Tracee, an open source runtime security …
eBPF technology is seeing strong growth, being widely adopted in the cloud native ecosystem for monitoring, networking, and security goals. At Aqua, along with being used in commercial products, eBPF powers our open source project Tracee to detect events in running containers.
At Aqua, we develop leading open source security tools, which are widely adopted by the cloud native community and industry at large. To us, open sourcing our technology is more than just making its source code available, it’s about making the project widely used and encouraging people to participate. Beyond using a …
One of the biggest challenges of eBPF development is distribution of your eBPF project. With so many different versions of the Linux kernel out in the wild, it seems like an impossible task to compile your eBPF program against all of them to ensure compatibility. However, by using CO:RE, a feature of libbpf, this gets …