Aqua Blog

Container Security

Tracee Blog Image650x315

Tracee: Tracing Containers with eBPF

This week at Velocity Berlin, I’ll be giving a talk called A Beginner’s Guide to eBPF. To coincide with it, we’re opening up a new Aqua Security open source project called Tracee, which uses eBPF to trace events in containers. This isn’t something that most developers need to do on a day-to-day basis, but for those …

Continue reading ›
Docker API Honeypots

Threat Alert: Maneuver Docker API for Host Takeover

Docker clients can communicate with the daemon either locally, via a unix socket, or over a network via a TCP socket. Aqua's research team discovered an interesting attack vector running on top of an unsecured Docker socket API. Instead of running a malicious Docker image, the attacker changes the traditional …

Continue reading ›
Optimized Logging for Container Workloads

Optimized Logging for Container Workloads Using AWS FireLens

Managing a growing number of systems and applications can be complicated and time consuming, making it particularly important to find a way to centralize and optimize your data. As a result, AWS has recently released FireLens which, working with Fluentd and Fluent Bit, allows you to route your logs to a large …

Continue reading ›
Container Image Scanning

Scanning Image Layers, Prometheus, and Harbor Integrations

One of the key challenges in container image scanning is understanding where a vulnerability originated in an image, and who can fix it. Image layers allow us to do that, and Aqua’s scanner now allows us to pinpoint discovered vulnerabilities to a specific layer.

Continue reading ›
Docker image vulnerability scanning

Crypto-Mining Malware Outsmarting Image Scanners

In previous crypto-mining attacks, we observed hackers investing little to no effort in hiding their malicious activities. They just ran the malicious container with all of its scripts and configuration files in clear text. This made the analysis of their malicious intent fairly easy.

Continue reading ›
container security

Crypto-mining Attack: The Container Security Demo that Went Terribly Right

Sometimes life, a.k.a., the internet, throws us a bone when it comes to running demonstrations on security tools.   

Continue reading ›
Aqua Vulnerability Shield

Mitigating Container Image Vulnerabilities with Aqua Vulnerability Shield™

Managing known vulnerabilities in container images has been one of the first issues to get the attention of organizations that adopt containers. Knowing what vulnerabilities (CVEs) lurk in your image code is important, but fixing or patching the images that contain vulnerabilities has been a challenge, since it’s …

Continue reading ›
Identity management Aqua cloud native security

Simplifying Access to the Aqua Platform with Okta

Enterprise-grade solutions are expected to integrate with existing enterprise infrastructure, including providing SSO to authenticate users without requiring separate definitions of user identity and access credentials.

Continue reading ›
container security

Vulnerabilities in the Container Ecosystem: A Brief History

Now that containers have been around for a few years and have had their share of disclosed vulnerabilities, it’s time to revisit some of the more interesting ones and see if there’s a recurring theme or any underlying trend to highlight.

Continue reading ›
Gartner--Container-Security2--BLOG-650_315

Gartner Names Container Security Among Top 10 Security Projects for 2019

In their recent research note, “Top 10 Security Projects for 2019”*, Gartner analysts highlighted ten initiatives that Security and Risk Management leaders should implement or improve in 2019. Container security is on this list.

Continue reading ›
affecting RunC and Docker  BLOG 650_315

Mitigating High Severity RunC Vulnerability (CVE-2019-5736)

Yesterday it was disclosed that a new high severity (CVSS score 7.2) vulnerability (CVE-2019-5736) was found in runc, that allows an attacker to potentially compromise the container host. Patches are already available from most providers (see below). Aqua customers can also prevent this vulnerability from being …

Continue reading ›

Subscribe to Email Updates

Popular Posts