Aqua Blog

Cloud Native Security

Cloud Native Security

Cloud Native Best Practices: Security Policies in CI/CD Pipelines

With the continual leftward shifting movement of traditional DevOps responsibilities, organizations can now detect security issues earlier in the software development lifecycle (SDLC). Using CI/CD tools such as Jenkins, GoCD, or Bamboo, organizations can continually develop, test, and ship applications. As …

Continue reading ›
Cloud Native Security Best Practices

Cloud Native Security Best Practices: Vulnerability Management

After four years of securing cloud native applications, our team at Aqua has learned a thing or two about applying best practices in the real world. We’ve seen many organizations succeed in establishing a sound process and tooling to achieve their security goals, and we’ve also seen those who struggle to prioritize …

Continue reading ›

Aqua Integrates with AWS Security Hub: Closing the Gap on Cloud Native Security

The AWS Security Hub SecOps tool provides a comprehensive view of security and compliance alerts across various AWS accounts.  Security findings are collected and summarized on integrated dashboards, allowing security professionals to continuously monitor their environment using automated compliance checks. The …

Continue reading ›
KubeSec Enterprise Summit San Diego 2019

Impressions from KubeSec, Our Third Enterprise Summit for K8s Security

Yesterday more than 300 cloud native professionals assembled for KubeSec, what has now become a fixture as a “day zero” event for KubeCon/CloudNativeCon. As with previous events, the emphasis was on end-user organizations’ experiences in securing production environments. While many technical aspects and best …

Continue reading ›
CSPM

A CloudSploit Case Study: Trek10's Three AWS Cloud Security Concerns & One Solution

With all the security breaches that occurred on AWS in 2017, be they caused by poorly managed Amazon S3 permissions to inadequate security group configurations, we have seen that no company or government agency is above making simple mistakes. This post will explain three areas of security we’ve noticed many AWS …

Continue reading ›
CloudSploit By Aqua

Expanding into CSPM with CloudSploit and Deepening Security for Cloud VMs

IT spend on public cloud will more than double by 2023 (IDC) and hybrid multi-clouds will soon be the more common environment for enterprises. The benefits of using cloud infrastructure including the ability to scale, ease of use and speed of application delivery are too attractive to ignore, however, the …

Continue reading ›

Tracee: Tracing Containers with eBPF

This week at Velocity Berlin, I’ll be giving a talk called A Beginner’s Guide to eBPF. To coincide with it, we’re opening up a new Aqua Security open source project called Tracee, which uses eBPF to trace events in containers. This isn’t something that most developers need to do on a day-to-day basis, but for those …

Continue reading ›
Optimized Logging for Container Workloads

Optimized Logging for Container Workloads Using AWS FireLens

Managing a growing number of systems and applications can be complicated and time consuming, making it particularly important to find a way to centralize and optimize your data. As a result, AWS has recently released FireLens which, working with Fluentd and Fluent Bit, allows you to route your logs to a large …

Continue reading ›
secure vms

Cloud VM Security with Aqua CSP

We have enhanced our Cloud Native Security Platform (CSP) by adding Cloud VM protection capabilities for VMs that are not running container workloads. Aqua now provides a full-stack security solution across all workload types: VMs, containers, and serverless functions, for both Linux and Windows VMs.

Continue reading ›
Devsecops pipeline

Shift Security Left, Then Shift Up

Many of you may be familiar with the shift left security approach in which security is built in at an early stage of the application development life cycle. It is easier and more effective to do it early, rather than discover security issues later in the game, when applications are already deployed. When issues are …

Continue reading ›
featured_kubesec_blog.png

Impressions from KubeSec, The First Enterprise Kubernetes Security Summit

On Monday, “day 0” of this year’s KubeCon/CloudNativeCon, we held our first KubeSec Enterprise Summit event, co-located with KubeCon under the auspices of the CNCF. Aqua hosted the event together with our partners Red Hat and AWS. The event was over-subscribed, and we had to make special allowance for late …

Continue reading ›