https://www.aquasec.com/tag/aqua-open-source/ Cloud Native Security, Container Security & Serverless Security Fri, 09 Aug 2024 21:30:49 +0000 en-US hourly 1 https://wordpress.org/?v=6.5.5 https://www.aquasec.com/blog/trailshark-understanding-aws-api-and-service-interactions/ Fri, 09 Aug 2024 19:12:43 +0000 https://www.aquasec.com/?p=21224 In this blog, we introduce TrailShark, a plugin that connects Wireshark with AWS CloudTrail logs. This open-source tool was developed as part of the “Bucket Monopoly” research, during which we identified six vulnerabilities in AWS by tracking service interactions and internal API calls. These vulnerabilities range from remote code execution (RCE) and full-service user takeover …]]> https://www.aquasec.com/blog/go-deeper-linux-runtime-visibility-meets-wireshark/ Wed, 07 Aug 2024 15:57:42 +0000 https://www.aquasec.com/?p=21380 Aqua Tracee is an open source runtime security and forensics tool for Linux, built to address common Linux security issues. Tracee’s main use case is to be installed in a production environment and continuously monitor system activity and detect suspicious behavior. Some alternative use cases which Tracee can be used for are dynamic malware analysis, …]]> https://www.aquasec.com/blog/detecting-ebpf-malware-with-tracee/ Wed, 19 Jul 2023 09:30:46 +0000 https://www.aquasec.com/?p=14324 eBPF is a popular and powerful technology embedded in the Linux kernel. It is widely used by many security tools for monitoring kernel activity to detect and protect organizations. eBPF, however, can potentially be a dual edged sword as it can be used by threat actors as part of their malicious arsenal. Lately, we have …]]> https://www.aquasec.com/blog/trivy-kubernetes-cis-benchmark-scanning/ Wed, 19 Apr 2023 09:59:00 +0000 https://www.aquasec.com/?p=14431 CIS (Center for Internet Security) compliance scanning is a standard in Kubernetes (K8s) security and is widely adopted across the industry with implementations in several security scanners. Kube-bench, an open source project developed by Aqua Security was one of the first projects to provide Kubernetes CIS compliance scanning and became a staple in K8s security. …]]> https://www.aquasec.com/blog/trivy-scans-unpackaged-binary-files/ Wed, 02 Nov 2022 17:51:23 +0000 https://www.aquasec.com/?p=14562 Trivy, the all-in-one security scanner, is now able to scan binary files in your scan targets such as container images. Most security scanners rely on package managers to discover vulnerabilities. Trivy now uses Rekor from Sigstore to look up the hash of a binary file. If a relevant SBOM is found through the hash, Trivy …]]> https://www.aquasec.com/blog/vulnerability-scanning-trivy-vs-the-trivy-operator/ Thu, 13 Oct 2022 15:29:20 +0000 https://www.aquasec.com/?p=14592 Over the past few months Aqua Trivy, the all-in-one cloud native security scanner, has rapidly grown in features and tapped into new use cases. In this blog post, we will explore An overview of Trivy The different use cases that Trivy covers An overview of the Trivy Operator The difference between Trivy and the Trivy …]]> https://www.aquasec.com/blog/trivy-software-supply-chain-security/ Thu, 22 Sep 2022 15:44:36 +0000 https://www.aquasec.com/?p=14615 Application security teams are challenged today with the need for a centralized view of exposure to security issues like Log4j and Spring4Shell. But an exploding set of artifacts and security tools makes it prohibitively difficult to secure the development life cycle. A universal scanner drastically reduces this management overhead and gets you started quickly. We …]]> https://www.aquasec.com/blog/linux-security-with-tracee-and-ebpf/ Wed, 20 Jul 2022 09:30:00 +0000 https://www.aquasec.com/?p=14705 Security practitioners often need to investigate malicious artifacts in their environments, which can be challenging if those are deleted or loaded from memory. This is increasingly the case as threat actors are weaponizing Linux kernel modules to perform and hide their attacks. In this blog, we look into kernel modules and explain why they can …]]> https://www.aquasec.com/blog/cis-software-supply-chain-compliance/ Thu, 14 Jul 2022 16:43:44 +0000 https://www.aquasec.com/?p=14706 The Center for Internet Security (CIS) has recently released the Software Supply Chain Security Guide, a set of practical, community-developed best practices for securing software delivery pipelines. As an initiator and one of the main contributors to this comprehensive and much-needed guidance, we at Aqua aim to help DevOps teams and the broader cloud native …]]> https://www.aquasec.com/blog/kubernetes-cluster-security-with-trivy/ Tue, 28 Jun 2022 09:30:00 +0000 https://www.aquasec.com/?p=14746 Last month at KubeCon Europe, we released new Kubernetes security scanning for Trivy. It allows you to scan running Kubernetes clusters and resources for misconfigurations directly through the Trivy CLI or by installing the Trivy Kubernetes Operator in a cluster. In this blog, we’ll demonstrate how to use Trivy to scan Kubernetes resources and how …]]>