Aqua Blog

Container Security

The Challenges of Uniquely Identifying Your Images

One of the challenges of container security is ensuring that the image you’re getting is exactly what you expect it to be. Both from a security and consistency perspective, it’s important to ensure there are no surprises in what you’re downloading. Docker image tags, whilst convenient, can’t always be relied on to …

Continue reading ›
JDWP Misconfigurations

JDWP Misconfiguration in Container Images and K8s

Java Debug Wire Protocol (JDWP) is a great way to remotely debug applications during development. However, if enabled when shipped to production, hackers can exploit this mistake by running an arbitrary code that allows initial access or privilege escalation in your production environment. Using Aqua’s Dynamic …

Continue reading ›
Monero Threat Alert

Threat Alert: Monero Miners Target Cloud Native Dev Environments

In September 2020, Aqua’s Team Nautilus detected a campaign that targeted the automated build processes of GitHub and Docker Hub. At that time we notified the affected services and they blocked the attack. Now, this campaign has resurfaced with vengeance. In just four days, the attackers set up 92 malicious Docker …

Continue reading ›
Forensics in Cloud Native Environments

Cloud Native Forensics: Challenges and Best Practices

As no individual, business, or government is immune from being the victim of the next large-scale cyberattack, organizations need capabilities to help identify, contain, and investigate what seems like an inevitable incident. By performing forensic analysis, you can gain and leverage valuable insights to take the …

Continue reading ›
Kubernetes vulnerability scanning

Vulnerability Scanning for Kubernetes Applications: Why and How

If you’re looking to improve the security posture of your Kubernetes applications, you can get a lot of bang for your buck with vulnerability scanning. In this blog, I’ll talk about the fundamentals of scanning container images: how to pick a vulnerability scanner, when to use it in the application pipeline, and …

Continue reading ›
Rootless Containers

Boosting Container Security with Rootless Containers

If there is a single best practice for container security, it is to avoid running containers as root. Rootless containers are making this much easier – almost effortless, even. In this blog, I’ll talk about why you should be avoiding root in containers, what rootless containers are, and how they are going to help.

Continue reading ›
CVE-2020-15275 in containerd-shim API

CVE-2020-15275: New Vulnerability Exploits containerd-shim API

A year of challenges isn’t quite over yet, as a new vulnerability was found in containerd, CVE-2020-15257. When exploited, after providing a connection through the container to the host network, an attacker can gain root privileges on the host. This vulnerability was disclosed by Jeff Dileo of NCC Group, our …

Continue reading ›
Fileless Attack Blog Image

Threat Alert: Fileless Malware Executing in Containers

Our cyber research team detected a new type of attack that executes and runs malware straight from memory in containers, thus evading common defenses and static scanning. This malware is using a rootkit to hide its running processes, then hijacks resources by executing a crypto miner from memory — leaving a …

Continue reading ›
AWS Lambda Containers

Aqua Secures Container Image Support in AWS Lambda

Amazon continues to build new capabilities into its serverless operational mode and has launched container image support in AWS Lambda. It enables packaging and deploying Lambda functions as container images. Building on our strong partnership with AWS and our desire to offer the most complete cloud-native security …

Continue reading ›
kube-enforcer

Runtime Protection for K8s Workloads Using a Mutating Admission Controller

Although Kubernetes has certainly matured into a well-adopted container orchestrator platform, it remains complex to manage and secure. Coupling this with a growing attack surface and bad actors trying to exploit it, organizations must implement a comprehensive approach to securing their K8s applications. Aqua aims …

Continue reading ›
Object labels Blog Image v2

Taking Advantage of Object Labels while Controlling the Human Factor

The use of object labels has grown into an industry best practice, as labels allow you to apply metadata to objects like images, deployments, containers, volumes, networks, and more. They can be short and technical, but they can also be more descriptive. However, even with the use of automation for creating labels, …

Continue reading ›

Subscribe to Email Updates

Popular Posts