Cloud Native Security, Container Security & Serverless Security Thu, 18 Apr 2024 08:39:22 +0000 en-US hourly 1 https://wordpress.org/?v=6.5.5 https://www.aquasec.com/blog/white-house-shifts-cybersecurity-strategy-to-drive-resilience/ Fri, 03 Mar 2023 17:00:41 +0000 https://www.aquasec.com/?p=14459 This week, the White House released its updated National Cybersecurity Strategy detailing the comprehensive approach the U.S. Government’s Administration is taking to cybersecurity. The strategy contains a set of three pillars that outline collaboration between public and private sectors, dealing with systemic challenges within cybersecurity and realignment of incentives for the industry. Pillar Three specifically …]]> https://www.aquasec.com/blog/achieve-software-supply-chain-compliance-with-us-executive-order-14028/ Tue, 06 Dec 2022 11:00:00 +0000 https://www.aquasec.com/?p=14537 Thanks to many factors like the rise of the cloud infrastructure, the abundance of prebuilt open-source code, and process improvements in DevOps, innovating with software is happening faster than ever. The software supply chain is the assembly line for these technological innovations and can be thought of as any combination of code, tools, and processes …]]> https://www.aquasec.com/blog/trivy-now-scans-amazon-machine-images-amis/ Thu, 01 Dec 2022 16:42:49 +0000 https://www.aquasec.com/?p=14538 While more and more companies are moving to a cloud native technologies to manage their workloads and infrastructure, Virtual Machines (VMs) remain a staple infrastructure that powers many existing organizations and applications. Trivy, the all-in-one open-source security scanner, already scans most of the cloud native stack including containers, clusters, and clouds. Today, we are announcing …]]> https://www.aquasec.com/blog/amazon-eks-anywhere/ Wed, 29 Jun 2022 12:45:00 +0000 https://www.aquasec.com/?p=14745 With the release of Amazon EKS Anywhere (EKS-A) Bare Metal, Amazon Web Services has expanded the choices of infrastructure to deploy EKS Anywhere clusters using on-premise bare metal servers as a deployment target. In support of this, Aqua has worked to ensure that as customers adopt EKS Anywhere to automate Kubernetes cluster lifecycle management for …]]> https://www.aquasec.com/blog/ciso-survey-cloud-native-security/ Tue, 26 Apr 2022 09:00:00 +0000 https://www.aquasec.com/?p=14828 What is the CISO approach to securing cloud native applications? Our recent survey of CISOs at Fortune 1000 companies gives a view into their perspectives on the critical security capabilities that allow for speed and agility while reducing friction between teams and preserving business continuity. According to the research results, CISOs are concerned with stopping …]]> https://www.aquasec.com/blog/cloud-native-security-aqua-terraform-provider/ Mon, 25 Apr 2022 09:30:00 +0000 https://www.aquasec.com/?p=14832 At Aqua, we believe that cloud native is an opportunity to do security right. With the release of our Terraform Provider, we’ve added another tool to do security the cloud native way. With Aqua Terraform Provider, security teams can easily adopt DevOps processes and infrastructure as code (IaC) to consistently automate how they deploy and …]]> https://www.aquasec.com/blog/russia-ukraine-cyber-attacks/ Mon, 07 Mar 2022 15:54:32 +0000 https://www.aquasec.com/?p=14959 The devastating events in Ukraine have already affected millions of lives and organizations, with profound consequences extending far beyond the region. As the conflict continues to unfold, companies in the US and around the world are facing the growing risk of aggressive Russian cyberattacks. In the face of these threats, CISOs and CIOs must ramp …]]> https://www.aquasec.com/blog/zero-trust-kubernetes/ Wed, 16 Feb 2022 12:55:59 +0000 https://www.aquasec.com/?p=14964 In late January, the White House published a memo that lays the groundwork for creating a zero-trust architecture for federal agencies. With renewed attention from the US government, zero-trust networking is an area that many organizations are focusing on to improve their security posture. With that focus, it makes sense to understand where these principles …]]> https://www.aquasec.com/blog/cloudformation-templates-scan-with-trivy/ Tue, 08 Feb 2022 12:02:35 +0000 https://www.aquasec.com/?p=14974 Aqua Security’s open source project Trivy now includes scanning of AWS CloudFormation templates to help developers better identify and remediate security issues within infrastructure as code (IaC) templates. Building on the technology and rule sets behind our popular open source project tfsec, Trivy now allows developers to evaluate AWS CloudFormation code, either locally or within …]]> https://www.aquasec.com/blog/pci-dss-compliance-in-cloud-native/ Wed, 24 Nov 2021 14:59:41 +0000 https://www.aquasec.com/?p=15056 The Payment Card Industry Data Security Standard (PCI DSS) is a well-known compliance framework for any organization handling payment card data. However, translating the PCI DSS requirements into the world of containers and Kubernetes can be overwhelming. In this post, we break down how containerized applications impact PCI DSS compliance and how to meet its …]]>