Aqua News

Container images, functions and packages are updated frequently using CI/CD (continuous integration/continuous delivery) pipelines, creating multiple opportunities for attackers to embed themselves into the process. Team Nautilus, Aqua’s cyber research team, has detected and analyzed attacks on CI SaaS environments that abused the CI process itself to gain access to cloud CPU time. From there, …

Any business could be the victim of the next-large scale cyberattack, and it’s the companies that treat this as an inevitability which will be better prepared and more able to protect themselves. The key to this is forensic analysis. Performing forensic analysis will give businesses valuable insights into vulnerabilities and the best steps to take …

BOSTON –  May 6, 2021 – Aqua Security, the pure-play cloud native security leader, today announced the appointment of Sharon Eilon as Chief Customer Officer to support its growing base of global customers and Aqua’s commitment to customer success. Eilon will be based in the company’s U.S. headquarters in Burlington, MA. Eilon will be responsible for global customer delivery, including management of the …

Bad actors have devised new ways to infiltrate the cloud native supply chain and infect the images, dependencies, and open source components that developers rely on to deliver the fast-paced lifecycle of cloud native applications. Often, developers use third-party base images or images from public repositories as a starting point for their code. While this …

Here’s a roundup of the latest cloud native industry news for you. Kubernetes continues to rapidly evolve, and the new version 1.21 has just been released – in our blog, we review the notable features and updates you should know about. If you’re into eBPF technology, there’s a great write-up on how to get started with bpf and libbpfgo. The …

“I am proud of what the Aqua team has accomplished in five short years. We delivered on our vision and have a clear direction forward to provide the best platform for cloud native security. We’ve shown that our research and development teams are ahead of the market with the launch of innovative products such as …

ARM is increasing its footprint in the Cloud Native space and Edge computing. Companies are able to run high density, work intensive workloads on a single instance of AWS Graviton 2 at about 30% cost, making it efficient and cost-effective. Edge is already an ARM playground. With Apple’s M1 chip, there is now renewed interest …

Scans images for vulnerabilities within your CI pipeline Trivy, by Aqua Security, is a simple vulnerability scanner for containers and other artifacts. It can scan container images, Git repositories, and file systems to catch vulnerabilities within OS packages and programming-language dependencies. Trivy is also designed to be used within a CI/CD process to scan for vulnerabilities before sending to a container …