Aqua Blog

Cloud Security CSPM


Triaging Trivy AWS Alerts with Postee and AWS Security Hub

Security operators are getting overloaded with alerts and information coming from a variety of sources. Without proper automation and triage, this information often gets lost and unactioned upon. With Postee, this can be remediated with automating commonly taken operator actions ahead of time. 

Continue reading ›
Automate Cloud VM Compliance with Cloud Provider Tags and Labels

Automate Cloud VM Compliance with Cloud Provider Tags and Labels

Ensuring and monitoring compliance and security best practices policies at runtime can often be a barrier to both broader adoption of cloud native technologies and moving more cloud native applications into production at scale. Cloud provider attributes — tags, labels, and resource groups — are useful tools for …

Continue reading ›
what is CNAPP

What is a CNAPP and How to Choose the Right One

A prospect’s CISO recently asked me: “I’m facing a growing stream of vulnerabilities coming from our CI/CD pipelines on the one hand, while our SecOps team is flooded with alerts and configuration issues from our production environment. How do I reconcile those separate streams and focus on what’s really important?

Continue reading ›
Key Requirements for CWPP (Cloud Workload Protection Platforms)

Key Requirements for CWPP (Cloud Workload Protection Platforms)

Cloud Workload Protection Platforms (CWPPs), now part of the emerging category of Cloud Native Application Protection Platforms (CNAPPs), are designed to secure different types of cloud workloads — such as VMs, containers, and serverless functions — deployed in public, hybrid, or multi-cloud environments. In this …

Continue reading ›
Thoughtworks Case Study

How Thoughtworks Manages Cloud Security and Container Vulnerabilities

Many companies, in an effort to modernize their software and cloud tech stacks, are beginning to confront the challenges of managing security across multiple cross-functional, yet independent, teams - each with diverse tech stacks. One such example is Thoughtworks, a leading global technology consultancy that works …

Continue reading ›
Darkbit Blog image-1

Bridging the Cloud Native Security Gap: Why Darkbit Joined Aqua

With extensive hands-on experience in cloud native security, we founded Darkbit to help organizations address security risks in their ever-growing and changing cloud environments. As the next chapter in our journey, we’re now joining forces with Aqua to realize this shared vision, helping deliver best in class …

Continue reading ›
CSPM Cloud Security Report 2021

Cloud Misconfigurations on the Rise: 2021 Cloud Security Report

Insufficient access restrictions, permissive storage policies, and publicly exposed assets are only a few of the mistakes companies make when configuring their cloud infrastructure. The scale of the problem is mind-blowing, with 90% of organizations being vulnerable to security breaches due to cloud misconfigurations. …

Continue reading ›

Aqua CSPM Takes BYOK Further with Bring Your Own (Storage) Bucket

BYOK (bring your own key) is a trusted method for restricting access to data through encryption keys provided by end-users. We took this concept to the next level by adding support for “bring your own bucket” (BYOB). This new model represents an innovative, cloud native approach for providing users with better control …

Continue reading ›
CSPM Guide Teaser blog image2-1

The Essential Guide to CSPM: Improve Your Cloud Security Posture

With 175 different services available on AWS alone, many enterprises are struggling to protect their large and increasingly complex cloud environments. To operate efficiently at scale, you need to continuously find and fix security issues across your entire cloud infrastructure. That’s where the concept of Cloud …

Continue reading ›

The 3 Riskiest Cloud Native AWS Configurations

With dozens of key security configurations possible for EC2 alone, the number of configuration options in AWS can be overwhelming at times. While the complexity is rising, properly – and securely - configured cloud accounts are critical to keeping pace with dynamic infrastructure requirements for a cloud native …

Continue reading ›
Cloud Security Posture Management

Infographic: What is CSPM and Why You Need It

As a major trend in 2020, enterprises have been increasingly adopting multi-cloud to elevate efficiency and maintain flexibility and independence. But multi-cloud environments are more complex and harder to secure, leading to more cloud service misconfigurations and breaches. Making matters worse, many organizations …

Continue reading ›

Subscribe to Email Updates

Popular Posts

Filter by Topic

Show more...