AQUA OPEN SOURCE - Aqua Cloud Native Security, Container Security & Serverless Security
Mon, 15 Jul 2024 11:07:09 +0000

Scanning KBOM for Vulnerabilities with Trivy
https://www.aquasec.com/blog/scanning-kbom-for-vulnerabilities-with-trivy/
Mon, 06 Nov 2023 11:56:28 +0000
Early this summer we announced the release of Kubernetes Bills of Material (KBOM) as part of Trivy, our all-in-one, popular open source security scanner. In the blog we discussed how KBOM is the manifest of all the important components that make up your Kubernetes cluster: Control plane components, Node Components, and Addons, including …

New in Trivy: Kubernetes CIS Benchmark Scanning
https://www.aquasec.com/blog/trivy-kubernetes-cis-benchmark-scanning/
Wed, 19 Apr 2023 09:59:00 +0000
CIS (Center for Internet Security) compliance scanning is a standard in Kubernetes (K8s) security and is widely adopted across the industry with implementations in several security scanners. Kube-bench, an open source project developed by Aqua Security, was one of the first projects to provide Kubernetes CIS compliance scanning and became a staple in K8s security. …

Kubernetes Benchmark Scans with Trivy: CIS and NSA Reports
https://www.aquasec.com/blog/kubernetes-benchmark-scans-trivy-cis-nsa-reports/
Tue, 31 Jan 2023 18:11:13 +0000
One of Trivy’s core features is Trivy Kubernetes for in-cluster security scans of running workloads. This tutorial will showcase how to generate CIS and NSA reports both through the Trivy CLI and the Trivy Operator. Additionally, we will look at how users can add the Kubernetes Specification for their own Compliance Report format to expand …

Trivy Can Now Scan Unpackaged Binary Files
https://www.aquasec.com/blog/trivy-scans-unpackaged-binary-files/
Wed, 02 Nov 2022 17:51:23 +0000
Trivy, the all-in-one security scanner, is now able to scan binary files in your scan targets such as container images. Most security scanners rely on package managers to discover vulnerabilities. Trivy now uses Rekor from Sigstore to look up the hash of a binary file. If a relevant SBOM is found through the hash, Trivy …

Vulnerability Scanning: Trivy vs the Trivy Operator
https://www.aquasec.com/blog/vulnerability-scanning-trivy-vs-the-trivy-operator/
Thu, 13 Oct 2022 15:29:20 +0000
Over the past few months Aqua Trivy, the all-in-one cloud native security scanner, has rapidly grown in features and tapped into new use cases. In this blog post, we will explore: an overview of Trivy; the different use cases that Trivy covers; an overview of the Trivy Operator; the difference between Trivy and the Trivy …

Triaging Trivy AWS Alerts with Postee and AWS Security Hub
https://www.aquasec.com/blog/triaging-trivy-aws-alerts-with-postee-and-aws-security-hub/
Fri, 30 Sep 2022 09:00:00 +0000
Security operators are getting overloaded with alerts and information coming from a variety of sources. Without proper automation and triage, this information often gets lost and is not acted upon. With Postee, this can be remediated by automating commonly taken operator actions ahead of time. Recently, we added the capability for Postee alerts to be sent to …

New for Trivy: CSPM Identifies Misconfigurations of Your AWS Services
https://www.aquasec.com/blog/now-you-can-scan-your-aws-services-for-security-issues-with-trivy/
Mon, 12 Sep 2022 19:32:07 +0000
Every cloud provider has different resources that require detailed understanding to scan for security issues. To make this easier, cloud providers offer built-in security scanners. However, those may often lack functionality and integration into your existing stack. To make security scanning easier, we have added Cloud Security Scanning to Trivy starting with Trivy AWS. This …

Audit Your Software Supply Chain for CIS Compliance with Chain-bench
https://www.aquasec.com/blog/cis-software-supply-chain-compliance/
Thu, 14 Jul 2022 16:43:44 +0000
The Center for Internet Security (CIS) has recently released the Software Supply Chain Security Guide, a set of practical, community-developed best practices for securing software delivery pipelines. As an initiator and one of the main contributors to this comprehensive and much-needed guidance, we at Aqua aim to help DevOps teams and the broader cloud native …

How to Secure Your Kubernetes Clusters with Trivy
https://www.aquasec.com/blog/kubernetes-cluster-security-with-trivy/
Tue, 28 Jun 2022 09:30:00 +0000
Last month at KubeCon Europe, we released new Kubernetes security scanning for Trivy. It allows you to scan running Kubernetes clusters and resources for misconfigurations directly through the Trivy CLI or by installing the Trivy Kubernetes Operator in a cluster. In this blog, we’ll demonstrate how to use Trivy to scan Kubernetes resources and how …

Trivy v0.29.0 Release: RBAC, Helm, Custom Extensions, and More
https://www.aquasec.com/blog/trivy-v0-29-0-rbac-security/
Wed, 22 Jun 2022 12:31:24 +0000
The new Trivy release is out! As ever, there are tons of exciting updates and features, such as role-based access control (RBAC) and Helm chart scanning, support for custom extensions, a Trivy Operator Lens integration, and many more. Read on for feature highlights and try them out. RBAC scanning RBAC scanning has been a long-requested …