BOSTON – June 22, 2021 – Aqua Security, the pure-play cloud native security leader, today announces that Aqua Trivy is now the default open source container scanner for GitLab Container Scanning functionality. Customers can now automatically scan the GitLab CI pipeline container artifacts for OS package vulnerabilities. This change will take place as part of GitLab’s 14.0 release and […]
BOSTON – June 21, 2021 – Aqua Security, the pure-play cloud native security leader, today announced its participation in the launch of the AWS CloudFormation Public Registry, with a published listing to enable customers to easily discover, seamlessly provision, and scale the Aqua Cloud Native Security Platform into their Amazon Web Services, Inc. (AWS) environments. […]
BOSTON – June 21, 2021 – Aqua Security, the pure-play cloud native security leader, today published new research from Team Nautilus revealing a continued rise in cyberattacks targeting container infrastructure and supply chains, and showing that it can now take less than one hour to exploit vulnerable container infrastructure. The Cloud Native Threat Report: Attacks in the […]
For vulnerability scanning, I have to recommend either trivy or grype. Clair is really complicated to set up and is really geared at people scanning entire container registries at once. In general, I would recommend trivy over grype simply because it does not speculate about unconfirmed vulnerabilities, which I think is a distraction to developers, […]
BOSTON – June 8, 2021 – Aqua Security, the pure-play cloud native security leader, today announced the appointment of Darkbit co-founders Brad Geesaman and Josh Larsen to the Aqua team. Geesaman will serve as the Director of Cloud Security and Larsen as the Director of Cloud Product; their expertise will be leveraged to further strengthen Aqua’s Cloud Security Posture Management (CSPM) solution and Kubernetes offerings. Geesaman and Larsen have been singularly focused on cyber and information security for over […]
Aqua Security enables enterprises to secure their container and cloud-native applications from development to production, accelerating application deployment and bridging the gap between DevOps and IT security. The Aqua Container Security Platform protects applications running on-premises or in the cloud, across a broad range of platform technologies, orchestrators and cloud providers.
Amir Jerbi, co-founder of Tel Aviv-based Aqua Security, fears that if the monitoring and testing are not done exactly right, the military’s software updates could be compromised during the process of developing them from code in the repository. “Then, the minute something is updated you’re opening the door to something malicious,” Jerbi tells me. “If […]
As per a report from the Nautilus research team of Aqua Security, the year 2020 witnessed increased cyber-attacks targeting cloud-native supply chain and infrastructure. The report provides insights into the security threats that these platforms face, including fileless malware in containers, exploiting misconfigured Docker API ports and using container images that were relatively unsophisticated.