CONTAINER SECURITY - Aqua Cloud Native Security, Container Security & Serverless Security Mon, 15 Jul 2024 09:30:24 +0000 en-US hourly 1 https://wordpress.org/?v=6.5.5 Compliance to Implementation: Exploring DORA and NIS 2 Frameworks https://www.aquasec.com/blog/compliance-to-implementation-exploring-dora-and-nis-2-frameworks/ Wed, 10 Jul 2024 15:01:49 +0000 https://www.aquasec.com/?p=20860 Compliance to Implementation: Exploring DORA and NIS 2 FrameworksThe importance of cybersecurity and operational resilience in the financial sector has never been more pronounced. The European Union (EU) has been at the forefront of addressing these critical issues, enacting comprehensive legislations to safeguard the digital infrastructure and ensure the continuity of financial services. Two pivotal pieces of legislation in this domain are the …]]> Elevating AWS Kubernetes Security and Compliance   https://www.aquasec.com/blog/aws-kubernetes-security-and-compliance/ Wed, 15 May 2024 12:00:09 +0000 https://www.aquasec.com/?p=20010 Elevating AWS Kubernetes Security and Compliance  Amazon Elastic Kubernetes Service (Amazon EKS) streamlines the process of deploying, managing, and scaling Kubernetes clusters on Amazon Web Services (AWS), sparing users the complexities of setting up and maintaining their own Kubernetes control plane. Kubernetes itself is an open-source platform designed to automate the management, scaling, and deployment of applications within containers.    In …]]> CVE-2024-3094: Newly Discovered Backdoor in XZ tools https://www.aquasec.com/blog/cve-2024-3094-newly-discovered-backdoor-in-xz-tools/ Mon, 01 Apr 2024 15:49:06 +0000 https://www.aquasec.com/?p=19576 CVE-2024-3094: Newly Discovered Backdoor in XZ toolsThe xz-utils is a popular compression tool used widely across Linux systems, indicating its critical role in the software ecosystem. The xz-utils backdoor, discovered on March 29, 2024, exposes systems to potential backdoor access and remote code execution. It specifically targets versions 5.6.0 and 5.6.1 of xz-utils on systems using glibc, systemd, and patched OpenSSH. …]]> Aqua: Leading the Charge in Container Security Innovation https://www.aquasec.com/blog/aqua-leading-the-charge-in-container-security-innovation/ Wed, 13 Mar 2024 06:58:50 +0000 https://www.aquasec.com/?p=19127 Aqua: Leading the Charge in Container Security InnovationAqua named a leader and an outperformer in GigaOm Container Security Radar  Containerization has revolutionized application development and deployment, providing enterprises with enhanced speed, agility, and consistency across different computing environments. However, this transformation introduces complexities, particularly regarding security. With the increasing adoption of containerized applications, there’s a growing demand for specialized security solutions tailored …]]> Elevating Security: Protecting Containerized Workloads on Mainframes https://www.aquasec.com/blog/elevating-security-protecting-containerized-workloads-on-mainframes/ Wed, 06 Mar 2024 07:58:45 +0000 https://www.aquasec.com/?p=18751 Elevating Security: Protecting Containerized Workloads on MainframesMainframes and containers represent two distinct yet impactful elements in today’s modern computing architecture. Mainframes are powerful, centralized computing systems known for their reliability, scalability, and ability to handle massive workloads. While containers, on the other hand, have emerged as a lightweight and flexible solution for deploying, scaling, and managing cloud native applications across various …]]> AI-Guided Remediation: Unify Teams and Speed Vulnerability Resolution https://www.aquasec.com/blog/ai-guided-remediation-unify-teams-and-speed-vulnerability-resolution/ Tue, 01 Aug 2023 08:55:26 +0000 https://www.aquasec.com/?p=14299 AI-Guided Remediation: Unify Teams and Speed Vulnerability ResolutionThe urgent need for rapid remediation The window of vulnerability after the discovery of a security issue has never been more critical than it is with cloud native applications. Why is that? Cloud apps move fast. With modern CI/CD processes, code can be pushed to production multiple times per day. This means that security gaps …]]> Establishing a Resilient DevSecOps Action Plan https://www.aquasec.com/blog/establishing-resilient-devsecops/ Thu, 23 Feb 2023 11:00:00 +0000 https://www.aquasec.com/?p=14461 Establishing a Resilient DevSecOps Action PlanDevSecOps is an easy term to toss around. But what does it mean, exactly? What actually goes into an effective DevSecOps strategy? And how do cloud and DevOps impact DevSecOps processes?  To find out, I participated in a conversation with Merritt Baer, principal in the AWS Office of the CISO, to discuss the best ways …]]> Intro to Fileless Malware in Containers https://www.aquasec.com/blog/intro-to-fileless-malware-in-containers/ Thu, 11 Aug 2022 16:49:52 +0000 https://www.aquasec.com/?p=14664 Intro to Fileless Malware in ContainersA fileless attack is a technique that takes incremental steps toward gaining control of your environment while remaining undetected. In a fileless attack, the malware is directly loaded into memory and executed, evading common defenses and static scanning. Often, attackers may also use compression or encryption to cloak the malware file to avoid detection. Since …]]> A Security Review of Docker Official Images: Which Do You Trust? https://www.aquasec.com/blog/docker-official-images/ Tue, 24 Aug 2021 10:14:12 +0000 https://www.aquasec.com/?p=15167 A Security Review of Docker Official Images: Which Do You Trust?A key element in building secure containerized applications is to ensure that the base image that you use is well-maintained and secure. A common piece of advice is to use the Docker Official Images for this purpose. However, our research reveals that you need to be careful when using these images, as some are no …]]> Shifting Left: Infrastructure as Code security with Trivy https://www.aquasec.com/blog/infrastructure-as-code-security-scanning/ Tue, 27 Jul 2021 14:42:57 +0000 https://www.aquasec.com/?p=15200 Shifting Left: Infrastructure as Code security with TrivyOne of the great security benefits of the move to cloud native development is the increased use of Infrastructure as Code (IaC) to describe computing environments. Once things are described as code, we can shift left and secure our environments before they’re deployed. As a major new feature, the latest version of Trivy, Aqua’s open …]]>