GitHub Dataset Research Reveals Millions Potentially Vulnerable to RepoJacking

Aqua Cloud Native Blog

Expert insight, best practices and advice on cloud native security, trends, threat intelligence and compliance.

SECURITY RESEARCH
GitHub Dataset Research Reveals Millions Potentially Vulnerable to RepoJacking
Threat Alert
Millions of GitHub repositories are potentially vulnerable to RepoJacking. New research by Aqua Nautilus sheds light on the extent of RepoJacking, which if exploited may lead to code execution on organizations’ internal environments or on their customers’ environments. As part of our research, we found an enormous source of data that allowed us to sample …
Read more
CNAPP
The Agent vs Agentless Debate is Over
It’s humbling to see customers adopt Aqua’s cloud security vision. It’s humbling to see our predictions come true, doubly so when competitors start to follow us. The proof came over the last few months as cloud visibility vendors either released their own agent or partnered with an agent provider. This validates what we all know: …
Read more
PARTNERS & ALLIANCES
Aqua CNAPP Integrates with Amazon Security Lake
Enabling Customers with Visibility and Remediation at Scale As the pioneer in cloud native security, Aqua has been at the forefront of CNAPP innovation. Today, we are pleased to announce our integration with Amazon Security Lake.   This integration allows customers the insights needed to determine their risk posture across all their AWS cloud workloads. …
Read more
PARTNERS & ALLIANCES
Remediate Vulnerabilities with Integrated Aqua and ServiceNow Workflows
The move to cloud native changed the daily operations of security teams. This shift requires teams to monitor the risk embedded within cloud environments, which increases the noise level, and piles up thousands of security issues to handle. This new reality requires different measures to handle relevant incidents based on the risk they impose and …
Read more
CLOUD SECURITY
Conquer Cloud Security Risk: Introducing Real-Time CSPM
What if someone handed you a static picture of a highway and asked you to drive using only the picture? Would you still drive even if you knew you could not see all the traffic around you? Yet traditional CSPM solutions show the state of your environment as a snapshot in time, usually once per …
Read more
CNAPP
Aqua CNAPP: From Dev to Cloud and Back
RSA 2023 revealed a much-needed change in perception: cloud native security requires one integrated approach. Finally, a consensus. If you care about cloud security, you care about the lifecycle of your cloud applications. This lifecycle has two fundamental parts: building applications and running them. To secure your applications you need to secure the entire application …
Read more
SECURITY RESEARCH
Fortune 500 at Risk: 250M Artifacts Exposed via Misconfigured Registries
Threat Alert
What if you were told that you had a misconfigured registry with hundreds of millions of software artifacts containing highly confidential and sensitive proprietary code and secrets exposed in your environment right now? This would be what you’d call a really bad day for security. Recently, the Aqua Nautilus research team found just that in …
Read more
SECURITY RESEARCH
First-Ever Attack Leveraging Kubernetes RBAC to Backdoor Clusters
We have recently discovered the first-ever evidence that attackers are exploiting Kubernetes (K8s) Role-Based Access Control (RBAC) in the wild to create backdoors. The attackers also deployed DaemonSets to take over and hijack resources of the K8s clusters they attack. Our research suggests that this campaign is actively targeting at least 60 clusters in the …
Read more
AQUA OPEN SOURCE
New in Trivy: Kubernetes CIS Benchmark Scanning
CIS (Center for Internet Security) compliance scanning is a standard in Kubernetes (K8s) security and is widely adopted across the industry with implementations in several security scanners. Kube-bench, an open source project developed by Aqua Security was one of the first projects to provide Kubernetes CIS compliance scanning and became a staple in K8s security. …
Read more
CLOUD SECURITY
RSA 2023: Stronger Together, with Aqua
Right now, you can only see half of what is going on in your cloud. Do you want to see the other half?  At RSA this year we are going to show you how Aqua’s single platform provides real-time visibility and better prioritization for your cloud, so you see more and do less.
Read more
CNAPP
Why the time for CNAPP is now
CNAPP is projected to be one of the biggest security categories ever – a $25 to $30B market. Why? Enterprises are continuing to move applications to the cloud while adopting cloud native practices, necessitating new security measures. At the same time, CISOs are under pressure to consolidate tools for better security and operational efficiency.
Read more
SECURITY RESEARCH
CorePlague: Critical Vulnerabilities in Jenkins Server Lead to RCE
Aqua Nautilus researchers have discovered a chain of critical vulnerabilities, dubbed CorePlague, in the widely used Jenkins Server and Update Center (CVE-2023-27898, CVE-2023-27905). Exploiting these vulnerabilities could allow an unauthenticated attacker to execute arbitrary code on the victim’s Jenkins server, potentially leading to a complete compromise of the Jenkins server. Furthermore, these vulnerabilities could be exploited …
Read more
Page 6 of 33‹ Prev2345678910Next ›
Need to secure enterprise workloads?
Aqua Cloud Native Application Protection Platform (CNAPP)
Go cloud native with the experts!
Get Demo
Aqua Security is the pioneer in securing containerized cloud native applications from development to production. Aqua's full lifecycle solution prevents attacks by enforcing pre-deployment hygiene and mitigates attacks in real time in production, reducing mean time to repair and overall business risk. The Aqua Platform, a Cloud Native Application Protection Platform (CNAPP), integrates security from Code to Cloud, combining the power of agent and agentless technology into a single solution. With enterprise scale that doesn’t slow development pipelines, Aqua secures your future in the cloud. Founded in 2015, Aqua is headquartered in Boston, MA and Ramat Gan, IL protecting over 500 of the world’s largest enterprises.
Read Aqua Security reviews on G2

Use Cases

Environments

Partners

Resources

About Us

Get in Touch

Products

Get Started
Copyright © 2024 Aqua Security Software Ltd.   Privacy Policy | Terms of Use | Cookie Settings |  
Accessibility Tools
Normal text size Medium text size Large text size
Normal display Black & White display High contrast display
Stop transitions and animations Underline Links