Container Security - Aqua
https://www.aquasec.com/tag/container-security/
Cloud Native Security, Container Security & Serverless Security
Mon, 15 Jul 2024 09:35:30 +0000

Elevating AWS Kubernetes Security and Compliance
https://www.aquasec.com/blog/aws-kubernetes-security-and-compliance/
https://www.aquasec.com/?p=20010
Wed, 15 May 2024 12:00:09 +0000
Amazon Elastic Kubernetes Service (Amazon EKS) streamlines the process of deploying, managing, and scaling Kubernetes clusters on Amazon Web Services (AWS), sparing users the complexities of setting up and maintaining their own Kubernetes control plane. Kubernetes itself is an open-source platform designed to automate the management, scaling, and deployment of applications within containers. In …

The Gaps in Open Source Governance That Threaten the Software Supply Chain
https://www.aquasec.com/blog/the-gaps-in-open-source-governance-that-threaten-the-software-supply-chain/
https://www.aquasec.com/?p=14142
Tue, 23 Jan 2024 10:56:37 +0000
The widespread issue of unmaintained and deprecated npm packages recently discovered by Aqua researchers affects more than a fifth of open source packages. Presenting yet another silent example of hidden threats to the software supply chain, it demonstrates how poor operational and structural integrity of dependencies can be just as risky as code vulnerabilities, while …

PowerHell: Active Flaws in PowerShell Gallery Expose Users to Attacks
https://www.aquasec.com/blog/powerhell-active-flaws-in-powershell-gallery-expose-users-to-attacks/
https://www.aquasec.com/?p=14265
Wed, 16 Aug 2023 08:59:30 +0000
Recent findings by Aqua Nautilus have exposed significant flaws that are still active in the PowerShell Gallery’s policy regarding package names and owners. These flaws make typosquatting attacks inevitable in this registry, while also making it extremely difficult for users to identify the true owner of a package. Consequently, these flaws pave the way for …

Protecting AWS Fargate Containers at Runtime
https://www.aquasec.com/blog/protecting-aws-fargate-containers-at-runtime/
https://www.aquasec.com/?p=14462
Tue, 14 Feb 2023 16:31:45 +0000
Containers as a Service (CaaS) like AWS Fargate have proven to be a valuable mechanism for DevOps teams to build and deploy complex applications at scale. By removing the need for infrastructure management and security, customers can also reduce development costs using AWS Fargate. However, based on the shared responsibility model, customers are still responsible …

Tracee Release: Rules Detect Attackers Out-of-the-Box
https://www.aquasec.com/blog/tracee-rules-detect-attackers-out-of-the-box/
https://www.aquasec.com/?p=14559
Thu, 10 Nov 2022 11:00:00 +0000
Aqua Tracee is an open source runtime security and forensics tool for Linux. It can help you detect suspicious behavior at runtime using an extensive data collection engine and a sophisticated rules engine. You can further read about the development of Tracee in our blog The Story of Tracee: The Path to Runtime Security Tool. …

Trivy Can Now Scan Unpackaged Binary Files
https://www.aquasec.com/blog/trivy-scans-unpackaged-binary-files/
https://www.aquasec.com/?p=14562
Wed, 02 Nov 2022 17:51:23 +0000
Trivy, the all-in-one security scanner, is now able to scan binary files in your scan targets such as container images. Most security scanners rely on package managers to discover vulnerabilities. Trivy now uses Rekor from Sigstore to look up the hash of a binary file. If a relevant SBOM is found through the hash, Trivy …

8220 Gang Deploys a New Campaign with Upgraded Techniques
https://www.aquasec.com/blog/8220-gang-confluence-vulnerability-cve-2022-26134/
https://www.aquasec.com/?p=14721
Thu, 07 Jul 2022 03:45:03 +0000
A recent campaign by the 8220 gang, who have been known to exploit the newly discovered critical Confluence vulnerability (CVE-2022-26134), targeted one of our honeypots. This campaign has evolved over time to deliberately target containers. In this game of cat and mouse, the threat actors used some new techniques, refurbishing the scripts from one attack …

Trivy v0.29.0 Release: RBAC, Helm, Custom Extensions, and More
https://www.aquasec.com/blog/trivy-v0-29-0-rbac-security/
https://www.aquasec.com/?p=14759
Wed, 22 Jun 2022 12:31:24 +0000
The new Trivy release is out! As ever, there are tons of exciting updates and features, such as role-based access control (RBAC) and Helm chart scanning, support for custom extensions, a Trivy Operator Lens integration, and many more. Read on for feature highlights and try them out.
RBAC scanning
RBAC scanning has been a long-requested …

Integrate OSS Container Vulnerability Data with Aqua and Sonatype Nexus
https://www.aquasec.com/blog/oss-vulnerability-data-with-aqua-and-sonatype-nexus/
https://www.aquasec.com/?p=14795
Thu, 12 May 2022 09:45:04 +0000
The rise in software supply chain attacks presents a profound challenge to the cornerstone of DevOps practices: the heavy use and reuse of open source software (OSS). Aqua Security extends visibility into risks across the software stack – and helps teams maintain a clear view into their software bills of materials (SBOMs) with the integration …

Unlimited Container Image Scanning in Docker Desktop with Trivy
https://www.aquasec.com/blog/container-image-scanning-docker-desktop-with-trivy/
https://www.aquasec.com/?p=14804
Tue, 03 May 2022 09:30:00 +0000
A core part of shifting security left is to check your artifacts and their dependencies for vulnerabilities as early in the dev lifecycle as possible. Whether you’re building your own container images or using third-party images, the Trivy Docker Desktop integration allows you to easily scan any container image directly through the Docker Dashboard. In …