Aqua Blog

CNAPP

Protecting AWS Fargate Containers at Runtime

Protecting AWS Fargate Containers at Runtime

Containers as a Service (CaaS) like AWS Fargate have proven to be a valuable mechanism for DevOps teams to build and deploy complex applications at scale. By removing the need for infrastructure management and security, customers can also reduce development costs using AWS Fargate.

Continue reading ›
Frost Radar for CNAPPs: Why is Aqua the Top Innovation Leader?

Frost Radar for CNAPPs: Why is Aqua the Top Innovation Leader?

Fifteen vendors. That’s the number of CNAPPs featured in analyst firm Frost & Sullivan’s recent radar for Cloud Native Application Protection Platforms, the first report to rank CNAPP solution providers to come out at this early stage of the market. Not surprisingly to us, Aqua came out on top (or rather, to the …

Continue reading ›
Aqua, HashiCorp Enable Cloud Native Security, Zero-Trust Approaches

Aqua, HashiCorp Enable Cloud Native Security, Zero-Trust Approaches

We’re delighted to announce our recent achievement of Premier tier status in HashiCorp’s partner ecosystem – a significant milestone in helping our mutual customers automate security and compliance as part of the cloud journey, and more effectively manage risk by shifting security left, securing the software supply …

Continue reading ›
Trivy: The Universal Scanner to Secure Your Cloud Migration

Trivy: The Universal Scanner to Secure Your Cloud Migration

Application security teams are challenged today with the need for a centralized view of exposure to security issues like Log4j and Spring4Shell. But an exploding set of artifacts and security tools makes it prohibitively difficult to secure the development life cycle. A universal scanner drastically reduces this …

Continue reading ›
Announcing Full Lifecycle Software Supply Chain Security

Announcing Full Lifecycle Software Supply Chain Security

Software supply chain attacks have an enormous blast radius and affect multiple targets by compromising a single, shared resource. And these types of attacks are on the rise: Aqua research showed an increase of 300% year-over-year.

Continue reading ›
Detecting Drovorub's File Operations Hooking with Tracee

Detecting Drovorub's File Operations Hooking with Tracee

This blog was co-authored by Itamar MaoudaTwo years ago, the NSA (the United States' National Security Agency) revealed that Drovorub, an advanced Russian malware created by the GRU 85th GTsSS team, had been discovered targeting Linux systems. Drovorub works by introducing advanced techniques which can manipulate the …

Continue reading ›
Protecting Workloads Against Real-World Attacks With Ease

Protecting Workloads Against Real-World Attacks With Ease

Attackers are sophisticated, there is always a lag between zero days and mitigation, and production workloads are critical. So why is the adoption of runtime security for cloud native applications still lower than shift-left security practices for the same applications? 

Continue reading ›
Looking Ahead: 7 Cloud Native Security Predictions for 2022

Looking Ahead: 7 Cloud Native Security Predictions for 2022

It’s been an incredibly busy year for cloud native and security practitioners! As we wrap up 2021, it’s time to look at what will shape our industry in the year ahead. In that spirit, we asked experts from across the company to share their take on what’s coming next for cloud native security and what to expect in …

Continue reading ›
What is a CNAPP and How to Choose the Right One

What is a CNAPP and How to Choose the Right One

A prospect’s CISO recently asked me: “I’m facing a growing stream of vulnerabilities coming from our CI/CD pipelines on the one hand, while our SecOps team is flooded with alerts and configuration issues from our production environment. How do I reconcile those separate streams and focus on what’s really important?

Continue reading ›

Subscribe to Email Updates

Popular Posts

Filter by Topic

Show more...