Aqua Blog

Container Security

Trivy v0.29.0 Release: RBAC, Helm, Custom Extensions, and More

The new Trivy release is out! As ever, there are tons of exciting updates and features, such as role-based access control (RBAC) and Helm chart scanning, support for custom extensions, a Trivy Operator Lens integration, and many more. Read on for feature highlights and try them out.

Integrate OSS Container Vulnerability Data with Aqua and Sonatype Nexus

The rise in software supply chain attacks presents a profound challenge to the cornerstone of DevOps practices: the heavy use and reuse of open source software (OSS). Aqua Security extends visibility into risks across the software stack – and helps teams maintain a clear view into their software bills of materials …

Unlimited Container Image Scanning in Docker Desktop with Trivy

A core part of shifting security left is to check your artifacts and their dependencies for vulnerabilities as early in the dev lifecycle as possible. Whether you’re building your own container images or using third-party images, the Trivy Docker Desktop integration allows you to easily scan any container image …

Hunting Rootkits with eBPF: Detecting Linux Syscall Hooking Using Tracee

Today, cloud native platforms are increasingly using eBPF-based security technology. It enables the monitoring and analysis of applications’ runtime behavior by creating safe hooks for tracing internal functions and capturing important data for forensic purposes. Tracee is an open source runtime security and forensics …

New Linux Kernel Vulnerability: Escaping Containers by Abusing Cgroups

CVE-2022-0492, a recently disclosed high-severity Linux vulnerability that relates to a weakness in the handling of release_agent in cgroups, could allow for container escape under some circumstances. Fortunately, in common container configurations, the various layers of security hardening will block effective …

Dirty Pipe Linux Vulnerability: Overwriting Files in Container Images

A new CVE in the Linux kernel was released this week. CVE-2022-0847, aka “Dirty Pipe”, is a vulnerability that allows users on a Linux system to overwrite the contents of files that they can read but shouldn’t be able to write to. Looking at this vulnerability from the perspective of hosts using containerization …

Adopting Zero Trust in Kubernetes: The Fundamentals

In late January, the White House published a memo that lays the groundwork for creating a zero-trust architecture for federal agencies. With renewed attention from the US government, zero-trust networking is an area that many organizations are focusing on to improve their security posture. With that focus, it makes …

CVE-2022-0185 in Linux Kernel Can Allow Container Escape in Kubernetes

Last week, a new high-severity CVE was released that affects the Linux kernel. This vulnerability provides an opportunity for an attacker who has access to a system as an unprivileged user to escalate those rights to root. To do this, the attacker must have a specific Linux capability, CAP_SYS_ADMIN, which reduces the …

Threat Alert: Tracking Real-World Apache Log4j Attacks

This blog was co-authored with Ori Glassman, a security researcher at Aqua Security

Until last week, Log4j was just a popular Java logging framework, one of the numerous components that run in the background of many modern web applications. But since a zero-day vulnerability (CVE-2021-44228) was published, Log4j has …

CVE-2021-45046: Second Log4j Security Vulnerability Discovered

Dec 17 update: The CVSSv3 score for CVE-2021-45046 has been raised from 3.7 to 9.0.

While many organizations are still dealing with the discovery and mitigation process for the previous Log4j CVE, the project has announced that another vulnerability CVE-2021-45046 has been discovered due to an incomplete fix in Log4j …

CVE-2021-44228 aka Log4Shell Vulnerability Explained

Log4Shell, a new, critical zero-day vulnerability that crashed onto the scene last Friday, shows how issues that are hidden in seemingly basic functionality can have major repercussions for enterprise security. When the dust settles from the immediate incident response and remediation, organizations should assess how …
