Aqua Blog

CI/CD

2023 Nautilus Cyber Security Report - Insights Revealed

2023 Nautilus Cyber Security Report - Insights Revealed

The adoption of cloud native technologies has become a cornerstone to helping businesses build and run applications. Cloud computing has revolutionized the way organizations design, develop, deploy, and manage their applications. While it has brought many benefits such as scalability, flexibility, and agility, it has …

Continue reading ›
Fortune 500 at Risk: 250M Artifacts Exposed via Misconfigured Registries

Fortune 500 at Risk: 250M Artifacts Exposed via Misconfigured Registries

What if you were told that you had a misconfigured registry with hundreds of millions of software artifacts containing highly confidential and sensitive proprietary code and secrets exposed in your environment right now? This would be what you’d call a really bad day for security. Recently, the Aqua Nautilus research …

Continue reading ›
CorePlague: Critical Vulnerabilities in Jenkins Server Lead to RCE

CorePlague: Critical Vulnerabilities in Jenkins Server Lead to RCE

Aqua Nautilus researchers have discovered a chain of critical vulnerabilities, dubbed CorePlague, in the widely used Jenkins Server and Update Center (CVE-2023-27898, CVE-2023-27905). Exploiting these vulnerabilities could allow an unauthenticated attacker to execute arbitrary code on the victim's Jenkins server, …

Continue reading ›
Kubernetes Benchmark Scans with Trivy: CIS and NSA Reports

Kubernetes Benchmark Scans with Trivy: CIS and NSA Reports

One of Trivy’s core features is Trivy Kubernetes for in-cluster security scans of running workloads. This tutorial will showcase how to generate CIS and NSA reports both through the Trivy CLI and the Trivy Operator.Additionally, we will look at how users can add the Kubernetes Specification for their own Compliance …

Continue reading ›
Supply Chain Security: Shifting Left to the Golden Pipeline

Supply Chain Security: Shifting Left to the Golden Pipeline

According to an article in Security Magazine, 98% of organizations have been negatively impacted by a cybersecurity breach in their supply chain. Aqua’s 2021 Software Supply Chain Security Review notes that “attackers focused heavily on open source vulnerabilities and poisoning, code integrity issues, exploiting the …

Continue reading ›
Securing GitHub Actions with Trivy and Cosign

Securing GitHub Actions with Trivy and Cosign

One of the advantages of automated CI/CD pipelines is that they’re a great place to implement regular security controls and checks. Using GitHub Actions, it’s easy to improve the security of your containers by automating vulnerability scanning and digital signing of container images on a regular basis. In this post, …

Continue reading ›
Automatically Secure Your CI/CD Pipelines Using Tracee GitHub Action

Automatically Secure Your CI/CD Pipelines Using Tracee GitHub Action

In my previous post, I covered how you can secure your CI/CD pipeline with Tracee from potentially malicious code executions. We’re now releasing Tracee GitHub Action, which makes using Tracee a plug-n-play experience and doesn’t require any prior knowledge of eBPF or Docker. We’re also introducing a new capability to …

Continue reading ›
Vulnerability Management in Container Images from Build to Runtime

Vulnerability Management in Container Images from Build to Runtime

When it comes to containerized workloads, resolving the underlying image's security vulnerabilities is paramount to ensuring the safety of your environment. Getting security risk information into the hands of developers quickly and efficiently is key to keeping development cycles as short as possible while maintaining …

Continue reading ›
Detecting Malicious Activity in CI/CD Pipeline with Tracee

Detecting Malicious Activity in CI/CD Pipeline with Tracee

With the growing popularity of CI platforms to build software, bad actors are increasingly looking to exploit these environments to target organizations. In our post about the recent Codecov breach, we explored how an attacker was able to get access to credentials from within the CI/CD pipeline. To prevent this from …

Continue reading ›
Threat Alert: Massive Cryptomining Campaign Abusing GitHub, Docker Hub, Travis CI & Circle CI

Threat Alert: Massive Cryptomining Campaign Abusing GitHub, Docker Hub, Travis CI & Circle CI

Aqua’s Team Nautilus detected an impressive campaign that set out to hijack resources to enable cryptocurrency mining. This operation focused on several SaaS software development environments, including Docker Hub, GitHub, Travis CI, and Circle CI, by abusing their automated build processes.

Continue reading ›
Cloud Native Best Practices: Security Policies in CI/CD Pipelines

Cloud Native Best Practices: Security Policies in CI/CD Pipelines

With the continual leftward shifting movement of traditional DevOps responsibilities, organizations can now detect security issues earlier in the software development lifecycle (SDLC). Using CI/CD tools such as Jenkins, GoCD, or Bamboo, organizations can continually develop, test, and ship applications. As containers …

Continue reading ›

Subscribe to Email Updates

Popular Posts