Application Security - Aqua https://www.aquasec.com/tag/application-security/ Cloud Native Security, Container Security & Serverless Security Mon, 15 Jul 2024 11:01:56 +0000 en-US hourly 1 https://wordpress.org/?v=6.5.5 Aqua CNAPP: From Dev to Cloud and Back https://www.aquasec.com/blog/cnapp-from-dev-to-cloud-and-back/ Tue, 02 May 2023 13:16:33 +0000 https://www.aquasec.com/?p=14415 Aqua CNAPP: From Dev to Cloud and BackRSA 2023 revealed a much-needed change in perception: cloud native security requires one integrated approach. Finally, a consensus. If you care about cloud security, you care about the lifecycle of your cloud applications. This lifecycle has two fundamental parts: building applications and running them. To secure your applications you need to secure the entire application …]]> Frost Radar for CNAPPs: Why is Aqua the Top Innovation Leader? https://www.aquasec.com/blog/frost-radar-for-cnapps-aqua-is-the-top-innovation-leader/ Thu, 08 Dec 2022 13:48:42 +0000 https://www.aquasec.com/?p=14536 Frost Radar for CNAPPs: Why is Aqua the Top Innovation Leader?Fifteen vendors. That’s the number of CNAPPs featured in analyst firm Frost & Sullivan’s recent radar for Cloud Native Application Protection Platforms, the first report to rank CNAPP solution providers to come out at this early stage of the market. Not surprisingly to us, Aqua came out on top (or rather, to the right) when …]]> A Security Review of Docker Official Images: Which Do You Trust? https://www.aquasec.com/blog/docker-official-images/ Tue, 24 Aug 2021 10:14:12 +0000 https://www.aquasec.com/?p=15167 A Security Review of Docker Official Images: Which Do You Trust?A key element in building secure containerized applications is to ensure that the base image that you use is well-maintained and secure. A common piece of advice is to use the Docker Official Images for this purpose. However, our research reveals that you need to be careful when using these images, as some are no …]]> Top 10 Kubernetes Application Security Hardening Techniques https://www.aquasec.com/blog/kubernetes-hardening-techniques/ Wed, 18 Aug 2021 10:00:00 +0000 https://www.aquasec.com/?p=15176 Top 10 Kubernetes Application Security Hardening TechniquesOne of the main challenges developers face is how to manage security risks when deploying applications to Kubernetes clusters. A great way to address this early is by applying security hardening to the application manifests during the development process. In this post, we run down 10 ways that developers can apply hardening to their applications. …]]> Supply Chain Attacks and Cloud Native: What You Need to Know https://www.aquasec.com/blog/supply-chain-threat/ Thu, 17 Jun 2021 09:29:34 +0000 https://www.aquasec.com/?p=15226 Supply Chain Attacks and Cloud Native: What You Need to KnowThe past couple of years have seen a rise in software supply chain attacks, with the most salient example being the Solarwinds attack. As production environments have gained multiple layers of protection, and much of the attention of security teams, malicious actors have set their sights on “poisoning the well”, i.e., target where applications are …]]> CVE-2021-3156 sudo Vulnerability Allows Root Privileges https://www.aquasec.com/blog/cve-2021-3156-sudo-vulnerability-allows-root-privileges/ Mon, 01 Feb 2021 11:15:00 +0000 https://www.aquasec.com/?p=15356 CVE-2021-3156 sudo Vulnerability Allows Root PrivilegesA new severe vulnerability was found in Unix and Linux operating systems that allows an unprivileged user to exploit this vulnerability using sudo, causing a heap overflow to elevate privileges to root without authentication, or even get listed in the sudoers file. In this blog, I’ll go over how this CVE can be exploited, what …]]> Simplifying Access to the Aqua Platform with Okta https://www.aquasec.com/blog/okta-identity-management/ Thu, 13 Jun 2019 14:31:00 +0000 https://www.aquasec.com/?p=15820 Simplifying Access to the Aqua Platform with OktaEnterprise-grade solutions are expected to integrate with existing enterprise infrastructure, including providing SSO to authenticate users without requiring separate definitions of user identity and access credentials. Federated Identity provides a secure way for Service Providers to externalize authentication by integrating with its suppliers’ existing identity infrastructure, or Identity Provider. This led to the development of …]]> Revisiting AWS Fargate with Aqua https://www.aquasec.com/blog/revisiting-aws-fargate-with-aqua/ Wed, 07 Mar 2018 11:15:00 +0000 https://www.aquasec.com/?p=16048 Revisiting AWS Fargate with AquaA few months ago I was lucky enough to get my hands on Fargate when it was in preview in the run-up to AWS re:invent. It was immediately clear that it’s a pretty cool concept, and that it presents a new challenge for security solutions like Aqua, because of the lack of a “host” entity …]]> Aqua Integration with VMWare for Hybrid VM and Container Security https://www.aquasec.com/blog/aqua-integration-with-vmware-for-hybrid-vm-and-container-security/ Mon, 19 Sep 2016 03:45:42 +0000 https://www.aquasec.com/?p=16294 Aqua Integration with VMWare for Hybrid VM and Container SecurityLast month at VMWorld we had the pleasure of being part of a next-generation security session given by VMWare’s SVP of Security Products, Tom Corn.  VMWare is of course no stranger to containers, and already has hybrid platforms running both VMs and containers side by side. The gist of VMWare’s next gen approach is what they …]]>