Aqua Blog

Hybrid Cloud Security

Threat Alert: New Attack Vector Targeting Your Cloud Environment

The Aqua Research team has identified a new attack vector that points to an evolution in attacks’ techniques and capabilities. In these attacks, the attackers focused on spreading into instances that were running in the cloud. The attackers deployed a clean Ubuntu container, mounted the host file system, which …

Continue reading ›
CSPM

A CloudSploit Case Study: Trek10's Three AWS Cloud Security Concerns & One Solution

With all the security breaches that occurred on AWS in 2017, be they caused by poorly managed Amazon S3 permissions to inadequate security group configurations, we have seen that no company or government agency is above making simple mistakes. This post will explain three areas of security we’ve noticed many AWS …

Continue reading ›
CloudSploit By Aqua

Expanding into CSPM with CloudSploit and Deepening Security for Cloud VMs

IT spend on public cloud will more than double by 2023 (IDC) and hybrid multi-clouds will soon be the more common environment for enterprises. The benefits of using cloud infrastructure including the ability to scale, ease of use and speed of application delivery are too attractive to ignore, however, the …

Continue reading ›
Hybrid Cloud security

Securing Hybrid Cloud Workloads on Google Anthos

There are major shifts happening around container technology. We have seen ongoing improvements in automation tooling and changes as fully containerized workloads move into production. Companies are often running more than one production Kubernetes cluster at a time.  DevOps and operations teams, subsequently, have …

Continue reading ›
VMware AppDefense

Secure Apps Across VMs and Containers with Aqua and VMware AppDefense

Best-of-Breed Security for Hybrid Environments

Today we announced a new partnership with VMware, based on their AppDefense solution. The combined offering provides a least-privilege security solution for applications running across containers and VMs. VMware, known of course for its virtualization technology, has …

Continue reading ›
Protecting Hybrid-Cloud Workloads Lessons from ESG Survey

Protecting Hybrid-Cloud Workloads? Lessons from ESG Survey

Today’s #1 Attack: Zero-day exploits of new and previously unknown vulnerability in apps and OSs

Container Security Top Challenges: Lack of adequate and disparate security tools, vulnerabilities in images, and the need for granular access-control between containers

Continue reading ›