Aqua Blog

Container Security

Forum Engineering Case Study

How Forum Engineering Secures its AI Solution with Aqua

Digital transformation is fundamentally changing how organizations compete and engage with customers, even redefining traditional labor-intensive industries. A great example of this is Forum Engineering, a staffing company from Japan, which developed an AI-based Software-as-a-Service solution to stay ahead of the …

Continue reading ›
Container Security

How Do Containers Contain? Container Isolation Techniques

If you work with containers long enough, you already know that containers should not be considered as security boundaries. In this blog, we’ll explore how different container isolation techniques intend to provide a solution to this problem, and whether their strengths and weaknesses make them a practical choice.

Continue reading ›
Container Security

Container Isolation: Is a Container a Security Boundary?

One of the fundamental questions in container security, since the early days of Docker, is whether a container constitutes a security boundary. In this first part of a two-blog discussion of containers and isolation, we take a look at the security boundary question, along with key examples. Part II will continue …

Continue reading ›
vshield

Detect and Prevent Exploits in Runtime with Vulnerability Shielding

A single vulnerability in one of the code dependencies can put an entire application at risk, yet 48% of organizations knowingly push vulnerable code into production regularly. With a heavy reliance on open source software to build applications, patching a myriad of vulnerabilities has become an extremely hard and …

Continue reading ›
Docker Security Best Practices

Top 20 Docker Security Best Practices: Ultimate Guide

While Docker has become synonymous with containers, various container tools and platforms have emerged to make the process of developing and running containers more efficient. Still, a lot of the same principles around Docker security apply for protecting container-based applications built with other tools as well. …

Continue reading ›
CIS Benchmark framework

What’s New in the Docker and Kubernetes CIS Benchmarks

One of the challenges with container security and its standards is keeping current with new releases and products. New versions of the Docker and Kubernetes CIS Benchmarks were released recently to capture changes in the new versions of those projects, both to keep things current and to expand coverage to help …

Continue reading ›
Cloud native threats

Cloud Native Threat Report: How Quickly Will You Be Attacked?

The cloud native threat landscape is evolving fast, with 50% of vulnerable targets getting attacked within only one hour. While adversaries are constantly advancing their techniques to craft more sophisticated and targeted attacks, organizations are leaving themselves exposed. Aqua’s 2021 Cloud Native Threat Report

Continue reading ›

The Challenges of Uniquely Identifying Your Images

One of the challenges of container security is ensuring that the image you’re getting is exactly what you expect it to be. Both from a security and consistency perspective, it’s important to ensure there are no surprises in what you’re downloading. Docker image tags, whilst convenient, can’t always be relied on to …

Continue reading ›
JDWP Misconfigurations

JDWP Misconfiguration in Container Images and K8s

Java Debug Wire Protocol (JDWP) is a great way to remotely debug applications during development. However, if enabled when shipped to production, hackers can exploit this mistake by running an arbitrary code that allows initial access or privilege escalation in your production environment. Using Aqua’s Dynamic …

Continue reading ›
Monero Threat Alert

Threat Alert: Monero Miners Target Cloud Native Dev Environments

In September 2020, Aqua’s Team Nautilus detected a campaign that targeted the automated build processes of GitHub and Docker Hub. At that time we notified the affected services and they blocked the attack. Now, this campaign has resurfaced with vengeance. In just four days, the attackers set up 92 malicious Docker …

Continue reading ›
Forensics in Cloud Native Environments

Cloud Native Forensics: Challenges and Best Practices

As no individual, business, or government is immune from being the victim of the next large-scale cyberattack, organizations need capabilities to help identify, contain, and investigate what seems like an inevitable incident. By performing forensic analysis, you can gain and leverage valuable insights to take the …

Continue reading ›

Subscribe to Email Updates

Popular Posts

Filter by Topic

Show more...