Aqua Blog

Serverless-Security

Serverless Runtime

Performance-Optimized Runtime Protection for Serverless Functions with Aqua

In order to protect serverless functions while they are running, you need to consider the very short execution times and ensure that you’re not slowing down applications or increasing cloud usage costs. In Aqua CSP 4.2, we’ve now introduced advanced runtime protection that does just that, while complementing our …

Continue reading ›
Knative_blog_post_5

Knative: The Serverless Environment for Kubernetes Fans

Knative is the newest member of serverless environments that is gaining significant interest and generating a great deal of hype in the Kubernetes/Cloud Native community. It’s an open source framework that was designed to enable the development and deployment of container-based serverless applications that are easy …

Continue reading ›
Securing-Serverless-Functions-blog-image

Securing Serverless Functions with Aqua

Serverless is generating significant interest and hype, backed up by real-world adoption, and creating a need for better security controls. I've been working with our customers to create the right approach and tooling to protect their FaaS environments ,and from this research, given the extremely short duration of …

Continue reading ›
Blog-image-Amazon-Firecracker-650x315.jpg

Amazon Firecracker: Isolating Serverless Containers and Functions

Infrastructure protection, sandboxed containers, MicroVM hypervisors– these are interchangeable terms describing emerging technologies to isolate micro-services from their underlying infrastructure. These isolation technologies aim to protect the underlying host that runs containers and functions against malicious …

Continue reading ›
Serverless functions risk

Serverless Security: The Importance of FaaS Risk Assessment

In my previous blog, I discussed the serverless services spectrum and the unique security considerations of serverless functions. In this post, I’d like to elaborate on the importance of preliminary risk assessment checks and their contribution to an effective security strategy, based on lessons learned in …

Continue reading ›
serverless2.png

Securing Serverless: Persistent Security for Ephemeral Environments

Cloud-native workloads terminology is used a lot these days to describe new technologies and deployment models of applications in the cloud universe. Serverless is a notable example of such cloud-native-workloads: it prioritizes simplicity and agility over compatibility, control, and performance SLAs. It’s a …

Continue reading ›
Container Compliance Policies

Out-of the-Box Policies Simplify Container Compliance

One of the challenges organizations have in using cloud-native technologies is in figuring out how compliance requirements translate into actionable control points. Most regulations predate containers and serverless technologies and don’t have specific articles governing the use of such technologies.

We recently …

Continue reading ›