Cloud Native Security, Container Security & Serverless Security Thu, 08 Aug 2024 07:56:55 +0000 en-US hourly 1 https://wordpress.org/?v=6.5.5 https://www.aquasec.com/blog/go-deeper-linux-runtime-visibility-meets-wireshark/ Wed, 07 Aug 2024 15:57:42 +0000 https://www.aquasec.com/?p=21380 Aqua Tracee is an open source runtime security and forensics tool for Linux, built to address common Linux security issues. Tracee’s main use case is to be installed in a production environment and continuously monitor system activity and detect suspicious behavior. Some alternative use cases which Tracee can be used for are dynamic malware analysis, …]]> https://www.aquasec.com/blog/aws-kubernetes-security-and-compliance/ Wed, 15 May 2024 12:00:09 +0000 https://www.aquasec.com/?p=20010 Amazon Elastic Kubernetes Service (Amazon EKS) streamlines the process of deploying, managing, and scaling Kubernetes clusters on Amazon Web Services (AWS), sparing users the complexities of setting up and maintaining their own Kubernetes control plane. Kubernetes itself is an open-source platform designed to automate the management, scaling, and deployment of applications within containers.    In …]]> https://www.aquasec.com/blog/cve-2024-3094-newly-discovered-backdoor-in-xz-tools/ Mon, 01 Apr 2024 15:49:06 +0000 https://www.aquasec.com/?p=19576 The xz-utils is a popular compression tool used widely across Linux systems, indicating its critical role in the software ecosystem. The xz-utils backdoor, discovered on March 29, 2024, exposes systems to potential backdoor access and remote code execution. It specifically targets versions 5.6.0 and 5.6.1 of xz-utils on systems using glibc, systemd, and patched OpenSSH. …]]> https://www.aquasec.com/blog/aqua-leading-the-charge-in-container-security-innovation/ Wed, 13 Mar 2024 06:58:50 +0000 https://www.aquasec.com/?p=19127 Aqua named a leader and an outperformer in GigaOm Container Security Radar  Containerization has revolutionized application development and deployment, providing enterprises with enhanced speed, agility, and consistency across different computing environments. However, this transformation introduces complexities, particularly regarding security. With the increasing adoption of containerized applications, there’s a growing demand for specialized security solutions tailored …]]> https://www.aquasec.com/blog/elevating-security-protecting-containerized-workloads-on-mainframes/ Wed, 06 Mar 2024 07:58:45 +0000 https://www.aquasec.com/?p=18751 Mainframes and containers represent two distinct yet impactful elements in today’s modern computing architecture. Mainframes are powerful, centralized computing systems known for their reliability, scalability, and ability to handle massive workloads. While containers, on the other hand, have emerged as a lightweight and flexible solution for deploying, scaling, and managing cloud native applications across various …]]> https://www.aquasec.com/blog/ai-guided-remediation-unify-teams-and-speed-vulnerability-resolution/ Tue, 01 Aug 2023 08:55:26 +0000 https://www.aquasec.com/?p=14299 The urgent need for rapid remediation The window of vulnerability after the discovery of a security issue has never been more critical than it is with cloud native applications. Why is that? Cloud apps move fast. With modern CI/CD processes, code can be pushed to production multiple times per day. This means that security gaps …]]> https://www.aquasec.com/blog/establishing-resilient-devsecops/ Thu, 23 Feb 2023 11:00:00 +0000 https://www.aquasec.com/?p=14461 DevSecOps is an easy term to toss around. But what does it mean, exactly? What actually goes into an effective DevSecOps strategy? And how do cloud and DevOps impact DevSecOps processes?  To find out, I participated in a conversation with Merritt Baer, principal in the AWS Office of the CISO, to discuss the best ways …]]> https://www.aquasec.com/blog/intro-to-fileless-malware-in-containers/ Thu, 11 Aug 2022 16:49:52 +0000 https://www.aquasec.com/?p=14664 A fileless attack is a technique that takes incremental steps toward gaining control of your environment while remaining undetected. In a fileless attack, the malware is directly loaded into memory and executed, evading common defenses and static scanning. Often, attackers may also use compression or encryption to cloak the malware file to avoid detection. Since …]]> https://www.aquasec.com/blog/docker-official-images/ Tue, 24 Aug 2021 10:14:12 +0000 https://www.aquasec.com/?p=15167 A key element in building secure containerized applications is to ensure that the base image that you use is well-maintained and secure. A common piece of advice is to use the Docker Official Images for this purpose. However, our research reveals that you need to be careful when using these images, as some are no …]]> https://www.aquasec.com/blog/infrastructure-as-code-security-scanning/ Tue, 27 Jul 2021 14:42:57 +0000 https://www.aquasec.com/?p=15200 One of the great security benefits of the move to cloud native development is the increased use of Infrastructure as Code (IaC) to describe computing environments. Once things are described as code, we can shift left and secure our environments before they’re deployed. As a major new feature, the latest version of Trivy, Aqua’s open …]]>