Aqua Blog
Experts insight, best practices and advice on cloud native security, trends, threat intelligence and compliance
IoT security

Building IoT Applications with Containers

Docker and Arm Announcement

At DockerCon earlier this month, Docker and Arm announced a joint venture in which new Docker-based solutions will be available to the Arm ecosystem. Docker and Arm touted this synergy as a way for developers to leverage containers, both remote and on-premises, in an easier way. There …

Continue reading ›
Docker Image Vulnerability Scanning

CVE-2019-5021: Alpine Docker Image ‘null root password’ Vulnerability

A new vulnerability that impacts Alpine Docker images was published last week. The vulnerability is due to the ‘root’ user password which is set, by default, to NULL on Alpine Docker images from version 3.3 or higher.

Continue reading ›
Container Security Openshift

Streamline Image Vulnerability Management for OpenShift Image Streams

In traditional cloud native environments, actions such as building and deploying applications will usually involve working directly with images hosted in one or more registries. Customers wishing to track changes in those images, in order to identify security and compliance issues, would need to set up an automatic …

Continue reading ›
Container security

Securing ISV-Provided Container Images

Containers make it very easy to package and deliver applications, so it’s not surprising that many ISVs (Independent Software Providers) are leading the trend of packaging their software, whether it’s commercial off-the-shelf (COTS) or custom-developed code, as container images. These images are then fed into the …

Continue reading ›
Blog-pic-Microscanner-Jenkins_2.png

Aqua MicroScanner: Free Image Vulnerability Scanning Plugin for Jenkins

A few weeks ago we released Aqua MicroScanner, a free vulnerability scanner that you can embed into the dockerfile and automate scanning during image build.

Continue reading ›
Aqua’s new MicroScanner_ Free Image Vulnerability Scanner for Developers

Aqua’s MicroScanner: Free Image Vulnerability Scanner for Developers

At Aqua we’ve been working on a new, free-to-use tool for scanning your container images for package vulnerabilities. MicroScanner uses the same vulnerability database as Aqua’s best-in-class commercial scanner, so you’re getting top-notch results.

Continue reading ›
PCF banner.png

Using Aqua to Secure Applications on Pivotal Cloud Foundry

Many organizations use Pivotal Cloud Foundry (PCF), one of the world’s most powerful cloud-native platforms. PCF enables developers and operators to iterate rapidly, and help expand and launch new businesses fast, as well as deliver extraordinary user experiences to their customers.

Continue reading ›
Applying Multiple Security Policies to Images in Your Pipeline - Blog Banner (1).png

Applying Multiple Security Policies to Images in Your Pipeline to Improve Speed and Efficiency

When it comes to securing containerized applications, the first item on everyone’s agenda is to ensure that only trusted images are running in your environment, based on security and compliance policies. And for good reason too. This is by far the most effective preventive measure you can take to protect your …

Continue reading ›
Grafeas and Image Vulnerability Scanning

Grafeas and Image Vulnerability Scanning

A couple of months ago Aqua Security were part of a group of companies supporting the launch of Grafeas, an open source API initially introduced by Google that allows users to manage and query metadata about software artifacts. We wrote an article about our plans to support Grafeas and now it’s time to see it in …

Continue reading ›
blog AWS PrivateLink.png

Image Scanning in VPCs with Aqua and AWS PrivateLink

Amazon Web Services announced today at re:Invent an to a recent feature PrivateLink, that enables AWS Virtual Private Cloud customers to consume apps outside their VPCs through service endpoints, using their own private IP addresses and security groups. This is a non-trivial task since VPCs are made to be isolated, …

Continue reading ›
blog-pps.png

How Aqua Scans Container Images On-Demand From The AWS Marketplace

Today we announced the availability of a new offering on AWS - our on-demand, pay-per-scan security scanner for container images is now available in the AWS Marketplace. The scanner is a full-featured version of Aqua's image scanning capabilities found in the Aqua Container Security Platform, but with a licensing …

Continue reading ›