Kubernetes Security - Aqua
https://www.aquasec.com/tag/kubernetes-security/
Cloud Native Security, Container Security & Serverless Security
Mon, 15 Jul 2024 11:07:09 +0000

Elevating AWS Kubernetes Security and Compliance
https://www.aquasec.com/blog/aws-kubernetes-security-and-compliance/
Wed, 15 May 2024 12:00:09 +0000
Amazon Elastic Kubernetes Service (Amazon EKS) streamlines the process of deploying, managing, and scaling Kubernetes clusters on Amazon Web Services (AWS), sparing users the complexities of setting up and maintaining their own Kubernetes control plane. Kubernetes itself is an open-source platform designed to automate the management, scaling, and deployment of applications within containers. In …

The Ticking Supply Chain Attack Bomb of Exposed Kubernetes Secrets
https://www.aquasec.com/blog/the-ticking-supply-chain-attack-bomb-of-exposed-kubernetes-secrets/
Tue, 21 Nov 2023 10:59:32 +0000

Scanning KBOM for Vulnerabilities with Trivy
https://www.aquasec.com/blog/scanning-kbom-for-vulnerabilities-with-trivy/
Mon, 06 Nov 2023 11:56:28 +0000
Early this summer we announced the release of Kubernetes Bills of Material (KBOM) as part of Trivy, our all in one, popular open source security scanner. In the blog we discussed how KBOM is the manifest of all the important components that make up your Kubernetes cluster: Control plane components, Node Components, and Addons, including …

Kubernetes Exposed: One Yaml away from Disaster
https://www.aquasec.com/blog/kubernetes-exposed-one-yaml-away-from-disaster/
Tue, 08 Aug 2023 08:58:48 +0000
If you thought that falling victim to ransomware, or a hacker hijacking your workstation was a nightmare, consider the potential catastrophe of having your Kubernetes (k8s) cluster hijacked. It could be a disaster magnified a million times over. Kubernetes has gained immense popularity among businesses in recent years due to its undeniable prowess in orchestrating …

Introducing KBOM – Kubernetes Bill of Materials
https://www.aquasec.com/blog/introducing-kbom-kubernetes-bill-of-materials/
Thu, 29 Jun 2023 08:57:48 +0000
SBOM (Software Bill of Materials) is an accepted best practice to map the components and dependencies of your applications in order to better understand your applications’ risks. SBOMs are used as a basis for vulnerability assessment, licensing compliance, and more. There are plenty of available tools, such as Aqua Trivy, that help you easily generate …

First-Ever Attack Leveraging Kubernetes RBAC to Backdoor Clusters
https://www.aquasec.com/blog/leveraging-kubernetes-rbac-to-backdoor-clusters/
Fri, 21 Apr 2023 09:59:09 +0000
We have recently discovered the first-ever evidence that attackers are exploiting Kubernetes (K8s) Role-Based Access Control (RBAC) in the wild to create backdoors. The attackers also deployed DaemonSets to take over and hijack resources of the K8s clusters they attack. Our research suggests that this campaign is actively targeting at least 60 clusters in the …

Kubernetes Benchmark Scans with Trivy: CIS and NSA Reports
https://www.aquasec.com/blog/kubernetes-benchmark-scans-trivy-cis-nsa-reports/
Tue, 31 Jan 2023 18:11:13 +0000
One of Trivy’s core features is Trivy Kubernetes for in-cluster security scans of running workloads. This tutorial will showcase how to generate CIS and NSA reports both through the Trivy CLI and the Trivy Operator. Additionally, we will look at how users can add the Kubernetes Specification for their own Compliance Report format to expand …

Kubernetes Version 1.26: An Overview
https://www.aquasec.com/blog/kubernetes-version-1-26-an-overview/
Thu, 08 Dec 2022 15:00:00 +0000
Kubernetes Version 1.26 was released with 37 new enhancements including 11 Stable, 10 Beta, 16 Alpha, and 12 features deprecated or removed. In this blog, we will highlight its most notable features and show how using Trivy will help you find deprecated Kubernetes resources. registry.k8s.io, Generally Available: The container image registry has changed from k8s.gcr.io …

Tracee Release: Rules Detect Attackers Out-of-the-Box
https://www.aquasec.com/blog/tracee-rules-detect-attackers-out-of-the-box/
Thu, 10 Nov 2022 11:00:00 +0000
Aqua Tracee is an open source runtime security and forensics tool for Linux. It can help you detect suspicious behavior at runtime using an extensive data collection engine and a sophisticated rules engine. You can further read about the development of Tracee in our blog The Story of Tracee: The Path to Runtime Security Tool. …

Vulnerability Scanning: Trivy vs the Trivy Operator
https://www.aquasec.com/blog/vulnerability-scanning-trivy-vs-the-trivy-operator/
Thu, 13 Oct 2022 15:29:20 +0000
Over the past few months Aqua Trivy, the all-in-one cloud native security scanner, has rapidly grown in features and tapped into new use cases. In this blog post, we will explore: An overview of Trivy; The different use cases that Trivy covers; An overview of the Trivy Operator; The difference between Trivy and the Trivy …