Aqua Blog



Audit Your Software Supply Chain for CIS Compliance with Chain-bench

The Center for Internet Security (CIS) has recently released the Software Supply Chain Security Guide, a set of practical, community-developed best practices for securing software delivery pipelines. As an initiator and one of the main contributors to this comprehensive and much-needed guidance, we at Aqua aim to help …

Continue reading ›
PCI DSS compliance cloud native

What You Need to Know About PCI DSS Compliance in Cloud Native

The Payment Card Industry Data Security Standard (PCI DSS) is a well-known compliance framework for any organization handling payment card data. However, translating the PCI DSS requirements into the world of containers and Kubernetes can be overwhelming. In this post, we break down how containerized applications …

Continue reading ›
Automate Cloud VM Compliance with Cloud Provider Tags and Labels

Automate Cloud VM Compliance with Cloud Provider Tags and Labels

Ensuring and monitoring compliance and security best practices policies at runtime can often be a barrier to both broader adoption of cloud native technologies and moving more cloud native applications into production at scale. Cloud provider attributes — tags, labels, and resource groups — are useful tools for …

Continue reading ›
CIS Benchmark framework

What’s New in the Docker and Kubernetes CIS Benchmarks

One of the challenges with container security and its standards is keeping current with new releases and products. New versions of the Docker and Kubernetes CIS Benchmarks were released recently to capture changes in the new versions of those projects, both to keep things current and to expand coverage to help people …

Continue reading ›
CIS K8s Benchmark Compliance & Starboard

Automating CIS Kubernetes Benchmark Compliance with Starboard Operator

Last year, we first released Starboard Operator, which automates vulnerability scanning and configuration auditing of Kubernetes workloads. We’re now pleased to announce the latest release (v0.10), which is focused on infrastructure and adds CIS Kubernetes Benchmark testing using kube-bench. The operator automatically …

Continue reading ›
Neat Commerce Case Study

How Neat Commerce Ensures Regulatory Compliance with Aqua

The challenges of maintaining security and numerous compliance requirements are a very steep hill to climb for international business services providers. The latest example comes from an organization in Hong Kong called Neat, this financial services technology company has several offerings, including secure payment …

Continue reading ›
Aqua Risk Explorer

Visualize and Prioritize Risks in Kubernetes with Aqua Risk Explorer

If you’re running workloads on Kubernetes, one of the toughest things to understand is where you have security gaps. Yes, there are CIS benchmarks and configurations to tweak, but they are generalized and won’t highlight the risks in workloads that are actually running in your clusters. The Aqua Risk Explorer’s …

Continue reading ›
Cloud Native Security

Cloud Native Security Best Practices: Using Kubernetes Admission Controller for Image Assurance

With cloud native technologies quickly evolving and with their high adoption rate, security practices are falling behind, are not being fully applied, and in some cases, applied too late. As a result, customers pay a high, albeit avoidable price. Aqua Cloud Native Security Platform uniquely addresses these challenges …

Continue reading ›
CVE-2019-14287 sudo Vulnerability Allows Bypass of User Restrictions

CVE-2019-14287 sudo Vulnerability Allows Bypass of User Restrictions

A new vulnerability was discovered earlier this week in the sudo package. Sudo is one of the most powerful and commonly used utilities installed on almost every UNIX and Linux-based operating system.

Continue reading ›
Kubernetes security

Security Configuration Benchmarks for Kubernetes

When you’re running Kubernetes, how do you know whether it’s configured securely? Kubernetes is a complex system, with several control plane components, each of which has numerous configuration parameters. In some cases, it’s clear that a parameter will have an impact on Kubernetes security – for example, providing …

Continue reading ›
Container Security

“Thin OS” Security for Container Hosts

In the spectrum of deployment options available for cloud native applications, the most widely used option, at least presently, is running containers on VMs that use the Linux operating system (or less frequently, bare-metal servers running Linux).

Continue reading ›

Subscribe to Email Updates

Popular Posts

Filter by Topic

Show more...