Aqua Blog

Cloud Security CSPM

Gartner Market Guide 2021

Gartner’s 2021 Market Guide to Cloud Workload Protection Platforms

Gartner recently published the updated Market Guide for Cloud Workload Protection Platforms*. It outlines the core capabilities and architectural considerations that buyers must evaluate when protecting cloud workloads, but crucially in this update Gartner has refined the scope of CWPP, added new key requirements, …

Continue reading ›
Darkbit Blog image-1

Bridging the Cloud Native Security Gap: Why Darkbit Joined Aqua

With extensive hands-on experience in cloud native security, we founded Darkbit to help organizations address security risks in their ever-growing and changing cloud environments. As the next chapter in our journey, we’re now joining forces with Aqua to realize this shared vision, helping deliver best in class …

Continue reading ›
CSPM Cloud Security Report 2021

Cloud Misconfigurations on the Rise: 2021 Cloud Security Report

Insufficient access restrictions, permissive storage policies, and publicly exposed assets are only a few of the mistakes companies make when configuring their cloud infrastructure. The scale of the problem is mind-blowing, with 90% of organizations being vulnerable to security breaches due to cloud …

Continue reading ›
Aqua CSPM BYOK

Aqua CSPM Takes BYOK Further with Bring Your Own (Storage) Bucket

BYOK (bring your own key) is a trusted method for restricting access to data through encryption keys provided by end-users. We took this concept to the next level by adding support for “bring your own bucket” (BYOB). This new model represents an innovative, cloud native approach for providing users with better …

Continue reading ›
CSPM Guide Teaser blog image2-1

The Essential Guide to CSPM: Improve Your Cloud Security Posture

With 175 different services available on AWS alone, many enterprises are struggling to protect their large and increasingly complex cloud environments. To operate efficiently at scale, you need to continuously find and fix security issues across your entire cloud infrastructure. That’s where the concept of Cloud …

Continue reading ›
AWS

The 3 Riskiest Cloud Native AWS Configurations

With dozens of key security configurations possible for EC2 alone, the number of configuration options in AWS can be overwhelming at times. While the complexity is rising, properly – and securely - configured cloud accounts are critical to keeping pace with dynamic infrastructure requirements for a cloud native …

Continue reading ›
Cloud Security Posture Management

Infographic: What is CSPM and Why You Need It

As a major trend in 2020, enterprises have been increasingly adopting multi-cloud to elevate efficiency and maintain flexibility and independence. But multi-cloud environments are more complex and harder to secure, leading to more cloud service misconfigurations and breaches. Making matters worse, many …

Continue reading ›
CSPM Azure Remediations

Auto-Remediation for Secure Configuration in Azure Cloud

Each day, Aqua monitors millions of cloud infrastructure changes for misconfigurations, and control-plane events for security issues or malicious activity in our users’ cloud accounts. But we’ve learned that just identifying misconfigurations is not enough to protect cloud assets in a modern fast-paced environment. …

Continue reading ›
Self-securing-3

Achieving a Self-Securing Infrastructure in Public Clouds

One thing that most researchers look for when investigating security breaches is whether or not there’s a common element. In the case of security breaches, the kill-chain for almost every cloud security breach we looked at involved the exploitation of misconfigured or mismanaged cloud infrastructure settings. The …

Continue reading ›
cloud native security

Bringing Unconstrained Flexibility to Cloud Native Security

In the four short years since we launched Aqua and started our cloud native journey, we have all experienced dramatic change. During this time, we brought several new products to market. We witnessed the rise of Docker, then its decline. We recognized the growing popularity of Kubernetes and pivoted our …

Continue reading ›
Saltstack-CVE-2020-11651

Mitigating High Severity CVEs Affecting SaltStack on Public Clouds

Two high-severity CVEs in the SaltStack platform were published last week by researchers at F-Secure. These vulnerabilities can enable remote code execution (RCE), which lets attackers remotely execute commands on the Salt leader node. This results in a full compromise of the host and can expose sensitive …

Continue reading ›

Subscribe to Email Updates

Popular Posts

Filter by Topic

Show more...