Aqua News

the vulnerability remediation lifecycle of Alpine containers

June 8, 2021

For vulnerability scanning, I have to recommend either trivy or grype.  Clair is really complicated to set up and is really geared at people scanning entire container registries at once.  In general, I would recommend trivy over grype simply because it does not speculate about unconfirmed vulnerabilities, which I think is a distraction to developers, […]

Read more

Darkbit Founders Join Aqua Security to Bolster Cloud Native Security Expertise   

June 8, 2021

BOSTON – June 8, 2021 – Aqua Security, the pure-play cloud native security leader, today announced the appointment of Darkbit co-founders Brad Geesaman and Josh Larsen to the Aqua team. Geesaman will serve as the Director of Cloud Security and Larsen as the Director of Cloud Product; their expertise will be leveraged to further strengthen Aqua’s Cloud Security Posture Management (CSPM) solution and Kubernetes offerings.   Geesaman and Larsen have been singularly focused on cyber and information security for over […]

Read more

A guide to application security tools

June 2, 2021

Aqua Security enables enterprises to secure their container and cloud-native applications from development to production, accelerating application deployment and bridging the gap between DevOps and IT security. The Aqua Container Security Platform protects applications running on-premises or in the cloud, across a broad range of platform technologies, orchestrators and cloud providers.

Read more

Meet the Pentagon’s software modernization evangelist

June 1, 2021

Amir Jerbi, co-founder of Tel Aviv-based Aqua Security, fears that if the monitoring and testing are not done exactly right, the military’s software updates could be compromised during the process of developing them from code in the repository. “Then, the minute something is updated you’re opening the door to something malicious,” Jerbi tells me. “If […]

Read more

The State of Kubernetes in 2021 and What CISOs Can Do About it

May 28, 2021

As per a report from the Nautilus research team of Aqua Security, the year 2020 witnessed increased cyber-attacks targeting cloud-native supply chain and infrastructure. The report provides insights into the security threats that these platforms face, including fileless malware in containers, exploiting misconfigured Docker API ports and using container images that were relatively unsophisticated.

Read more

Amazon Launches ECS Anywhere in General Availability

May 27, 2021

Customers and partners currently using ECS Anywhere include Siemens, CyberAgent, Getir, and Infosys among others, according to VP of compute services at AWS Deepak Singh. Canonical is leveraging it to offer Ubuntu for container workloads, while Aqua Security is using ECS Anywhere to help clients build cloud-native apps that meet certain compliance requirements.

Read more

Aqua Security Experts Tapped by MITRE ATT&CK® to Contribute to New Container Framework 

May 24, 2021

BOSTON – May 24, 2021 – Aqua Security, the pure-play cloud native security leader, today announced that its Team Nautilus researchers were tapped by the MITRE ATT&CK team to contribute to the development of the new Container Framework. Aqua’s contributions help to create a foundation for cloud security methodologies and shape the future of container security by illuminating key cloud native […]

Read more

Container, Serverless & Cloud Native Security Flash – May 2021

May 20, 2021

Last month, the Codecov breach has again raised concerns about the security of the software supply chain. On our blog, we share the lessons from this incident and explore how you can start protecting your development pipeline against CI poisoning and supply chain attacks. On the cloud threat front, our latest research reveals 90% of companies are vulnerable to security breaches […]

Read more