Aqua Blog

Runtime Security

Using LSM Hooks with Tracee to Overcome Gaps with Syscall Tracing

Using LSM Hooks with Tracee to Overcome Gaps with Syscall Tracing

Tracee is an open source runtime security and forensics tool for Linux, built to address common Linux security issues. By leveraging the advantages of Linux extended Berkeley Packet Filter (eBPF) technology to trace systems and applications at runtime, Tracee analyzes collected events to detect suspicious behavioral …

Continue reading ›
Vulnerability Management in Container Images from Build to Runtime

Vulnerability Management in Container Images from Build to Runtime

When it comes to containerized workloads, resolving the underlying image's security vulnerabilities is paramount to ensuring the safety of your environment. Getting security risk information into the hands of developers quickly and efficiently is key to keeping development cycles as short as possible while maintaining …

Continue reading ›
Aqua Supports New Amazon ECS Exec Troubleshooting Capability

Aqua Supports New Amazon ECS Exec Troubleshooting Capability

Aqua has been securing Amazon ECS workloads throughout its evolution and now we are expanding our support to secure Amazon’s new ECS Exec; a simple, secure, and auditable way to execute commands into containers. This new capability extends Aqua’s runtime protection features, including drift prevention, to ensure that …

Continue reading ›
Operationalize Your Cloud Native Security with Aqua’s New Dashboard

Operationalize Your Cloud Native Security with Aqua’s New Dashboard

Utilizing advanced cloud native tools without the ability to effectively unify, track, and display current conditions can create significant gaps in your security coverage. By ensuring complete visibility into your security posture across your environment, you can quickly identify key issues and prioritize them for …

Continue reading ›
Blocking Attacks in Runtime with Drift Prevention

Blocking Attacks in Runtime with Drift Prevention

Drift prevention is the cloud native answer to malware, worms and zero-day exploits. It’s also one of the best things to happen to security since the firewall, and finally a departure from the defeatist “we can’t really stop attacks so let’s not try” approach that’s been plaguing the mindset of security professionals …

Continue reading ›
Performance-Optimized Runtime Protection for Serverless Functions with Aqua

Performance-Optimized Runtime Protection for Serverless Functions with Aqua

In order to protect serverless functions while they are running, you need to consider the very short execution times and ensure that you’re not slowing down applications or increasing cloud usage costs. In Aqua CSP 4.2, we’ve now introduced advanced runtime protection that does just that, while complementing our …

Continue reading ›
Mitigating High Severity RunC Vulnerability (CVE-2019-5736)

Mitigating High Severity RunC Vulnerability (CVE-2019-5736)

Yesterday it was disclosed that a new high severity (CVSS score 7.2) vulnerability (CVE-2019-5736) was found in runc, that allows an attacker to potentially compromise the container host. Patches are already available from most providers (see below). Aqua customers can also prevent this vulnerability from being …

Continue reading ›
Amazon Firecracker: Isolating Serverless Containers and Functions

Amazon Firecracker: Isolating Serverless Containers and Functions

Infrastructure protection, sandboxed containers, MicroVM hypervisors– these are interchangeable terms describing emerging technologies to isolate micro-services from their underlying infrastructure. These isolation technologies aim to protect the underlying host that runs containers and functions against malicious …

Continue reading ›
Severe Privilege Escalation Vulnerability in Kubernetes (CVE-2018-1002105)

Severe Privilege Escalation Vulnerability in Kubernetes (CVE-2018-1002105)

Earlier this week, a severe vulnerability in Kubernetes (CVE-2018-1002105) was disclosed that allows an unauthenticated user to perform privilege escalation and gain full admin privileges on a cluster. The CVE was given the high severity score of 9.8 (out of 10) and it affects all Kubernetes versions from 1.0 onwards, …

Continue reading ›
Report by Gartner Highlights Maturing Options for Securing Containers

Report by Gartner Highlights Maturing Options for Securing Containers

Gartner recently released a Technical Professional Advice report titled Container Security -- From Image Analysis to Network Segmentation, Options Are Maturing* (by Joerg Fritsch and Michael Isbitski, 28 August 2018), with a detailed analysis of the space, including open source tools and commercial solutions.

We're …

Continue reading ›
Out-of the-Box Policies Simplify Container Compliance

Out-of the-Box Policies Simplify Container Compliance

One of the challenges organizations have in using cloud native technologies is in figuring out how compliance requirements translate into actionable control points. Most regulations predate containers and serverless technologies and don’t have specific articles governing the use of such technologies.

We recently …

Continue reading ›

Subscribe to Email Updates

Popular Posts

Filter by Topic

Show more...