Aqua Blog

Container Security

Kubernetes vulnerability scanning

Vulnerability Scanning for Kubernetes Applications: Why and How

If you’re looking to improve the security posture of your Kubernetes applications, you can get a lot of bang for your buck with vulnerability scanning. In this blog, I’ll talk about the fundamentals of scanning container images: how to pick a vulnerability scanner, when to use it in the application pipeline, and …

Continue reading ›
Rootless Containers

Boosting Container Security with Rootless Containers

If there is a single best practice for container security, it is to avoid running containers as root. Rootless containers are making this much easier – almost effortless, even. In this blog, I’ll talk about why you should be avoiding root in containers, what rootless containers are, and how they are going to help.

Continue reading ›
CVE-2020-15275 in containerd-shim API

CVE-2020-15275: New Vulnerability Exploits containerd-shim API

A year of challenges isn’t quite over yet, as a new vulnerability was found in containerd, CVE-2020-15257. When exploited, after providing a connection through the container to the host network, an attacker can gain root privileges on the host. This vulnerability was disclosed by Jeff Dileo of NCC Group, our …

Continue reading ›
Fileless Attack Blog Image

Threat Alert: Fileless Malware Executing in Containers

Our cyber research team detected a new type of attack that executes and runs malware straight from memory in containers, thus evading common defenses and static scanning. This malware is using a rootkit to hide its running processes, then hijacks resources by executing a crypto miner from memory — leaving a …

Continue reading ›
AWS Lambda Containers

Aqua Secures Container Image Support in AWS Lambda

Amazon continues to build new capabilities into its serverless operational mode and has launched container image support in AWS Lambda. It enables packaging and deploying Lambda functions as container images. Building on our strong partnership with AWS and our desire to offer the most complete cloud-native security …

Continue reading ›
kube-enforcer

Runtime Protection for K8s Workloads Using a Mutating Admission Controller

Although Kubernetes has certainly matured into a well-adopted container orchestrator platform, it remains complex to manage and secure. Coupling this with a growing attack surface and bad actors trying to exploit it, organizations must implement a comprehensive approach to securing their K8s applications. Aqua aims …

Continue reading ›
Object labels Blog Image v2

Taking Advantage of Object Labels while Controlling the Human Factor

The use of object labels has grown into an industry best practice, as labels allow you to apply metadata to objects like images, deployments, containers, volumes, networks, and more. They can be short and technical, but they can also be more descriptive. However, even with the use of automation for creating labels, …

Continue reading ›
KSPM Kubernetes Security Posture Management

Introducing KSPM by Aqua: Kubernetes Security Posture Management

With the rapid adoption of Kubernetes, an unforeseen consequence has emerged — there simply aren’t enough trained K8s experts to go around, let alone K8s security experts. Kubernetes environments have increased in size and complexity, expanding its attack surface, and ultimately heightening its susceptibility to …

Continue reading ›
CVE-2020-15157 Containerd

CVE-2020-15157: Vulnerability in Containerd Can Leak Cloud Credentials

A new vulnerability was found in containerd, located in the container image-pulling process. The new CVE includes manipulation of the image manifest, allowing attackers to craft an image that can leak the host’s registry or cloud credentials when pulled from a registry. This leak occurs even before the image is …

Continue reading ›
Rules-based registry scanning

Scanning Registries at Scale with Rules-based Image Pulls

Let’s face it, the demands of modern application development put tremendous pressure on Dev. Just to keep up with production demands, most developers have to keep numerous images available in their registries. These images include production images, images being built and pushed regularly, recent “known good” …

Continue reading ›
Github security scanning with trivy

Find Image Vulnerabilities Using GitHub and Aqua Security Trivy Action

Modern-day CI/CD pipelines enable new security approaches and transform the DevOps landscape to accommodate a variety of safety nets into the software supply chain. GitHub Actions is an example of one of those safety nets, making it possible to perform a variety of pipeline steps (build, test, and deploy) from …

Continue reading ›

Subscribe to Email Updates

Popular Posts