Security That Speaks Your Language: Trivy MCP Server

Aqua Cloud Native Blog

Expert insight, best practices and advice on cloud native security, trends, threat intelligence and compliance.

Security That Speaks Your Language: Trivy MCP Server

What if checking your project for vulnerabilities was as simple as asking a question? Or if your coding AI agent could automatically run a scan every time you changed a Dockerfile? The new Trivy MCP Server makes all that possible, and more.

SECURITY RESEARCH

Kaiji Malware: Anatomy, Persistence and Detection

Kaiji malware has emerged as a significant threat in recent years, particularly targeting Linux-based servers and IoT devices. This malware is designed to exploit internet connected services and devices to gain unauthorized access to systems. Once inside, Kaiji establishes persistence through various techniques, including creating system services and modifying system configurations.

Aqua Secure AI Wins AI Cybersecurity Solution of the Year

AI applications are at tremendous risk. The complex chain of different components that AI applications depend on to truly push the boundaries of innovation is also what dramatically increases their attack surface, leaving them vulnerable to attackers.

CONTAINER SECURITY UNBOXED

How to Set Up Runtime Defense Against Threats Like Gafgyt

One of the latest variants of Gafgyt targets Linux-based systems with weak SSH passwords to ultimately install cryptocurrency miners. Aqua Runtime Protection is particularly effective at defending against this variant’s use of fileless execution and its cryptomining payload, enabling enterprises to protect their critical AI infrastructure. Step-by-Step Guide 1. Create a Runtime Policy Log in …

Secure AI Infrastructure On-Premises from Day One

Your company rolls out a new claims system powered by AI. It is fast, efficient, and customers love the experience. Then one day, a single malicious input slips through. The model is tricked into revealing sensitive records, or a workload spins out of control and consumes expensive GPU cycles. What began as a breakthrough quickly …

Navigating the OWASP LLM and GenAI Security Landscape

The rush to adopt generative AI has created an explosion of new security tools targeting different aspects of an increasingly complex landscape. Every week, a solution promises to stop prompt injection, prevent data leakage, or harden models against attack. For security leaders, it can feel overwhelming. Which solutions matter, how do they fit together, and …

Why AI-SPM Alone is Not Enough to Secure AI Workloads

From writing code to serving customers, companies worldwide are capitalizing on AI to enhance their applications and business processes. But this boom is poised to turn into a bust if security can’t keep pace with AI adoption. And make no mistake: LLMs and AI services, whether they are consumed by the application or hosted and …

CONTAINER SECURITY

A Brief History of Containers: From the 1970s Till Now

When we first published this blog post in 2017, the technology landscape for containers was quite different than it is today. Over the past few years, we have seen significant changes take place that have affected, and continue to affect how Containers are adopted. Read on to understand the changes and developments we saw and …

CONTAINER SECURITY UNBOXED

Investigate and Respond to Sobolan Malware with Aqua Security

When malware attacks like Sobolan are detected, Aqua helps security teams thoroughly analyze and mitigate these threats. Whether it is threat hunting in cloud environments or following an alert, the Aqua Hub provides logs and captured artifacts so you can see how Sobolan gained access, what processes it ran, and how it attempted to persist. …

MCP to Agentic AI: Shaping AI Security for What’s Next

Enterprises are rapidly adopting large language model applications, AI assistants, and model orchestration platforms at a pace that rivals the early days of cloud computing. With this acceleration comes both significant opportunity and risk. Yet AI security is lagging behind, struggling to match the speed and scale of adoption. One of the hottest topics right …

SOFTWARE SUPPLY CHAIN SECURITY

NPM Supply Chain: A Critical Threat to Cloud-Native

A new software supply chain attack is targeting a series of highly popular open-source NPM packages unleashing malware across 18 foundational JavaScript packages that collectively accounted for a staggering 2.6 billion weekly downloads. This incident highlights how a compromised open-source package can quickly reach production environments, emphasizing the importance of visibility, security controls, and proactive …

AI Container Security Begins Inside the Workload

AI security is often discussed at the edge, through firewalls, proxies, SDKs, or prompt filtering. These approaches serve a purpose, but they overlook where many of the most serious risks actually take place, inside the container.

Page 2 of 40‹ Prev 123 4 5 6 Next ›

Need to secure enterprise workloads?

Aqua Cloud Native Application Protection Platform (CNAPP)

Go cloud native with the experts!

Get Demo

Aqua Security is the pioneer in securing containerized cloud native applications from development to production. Aqua's full lifecycle solution prevents attacks by enforcing pre-deployment hygiene and mitigates attacks in real time in production, reducing mean time to repair and overall business risk. The Aqua Platform, a Cloud Native Application Protection Platform (CNAPP), integrates security from Code to Cloud, combining the power of agent and agentless technology into a single solution. With enterprise scale that doesn’t slow development pipelines, Aqua secures your future in the cloud. Founded in 2015, Aqua is headquartered in Boston, MA and Ramat Gan, IL protecting over 500 of the world’s largest enterprises.

Read Aqua Security reviews on G2

Use Cases

Environments

Partners

Products

Get Started

Copyright © 2026 Aqua Security Software Ltd. Privacy Policy | Terms of Use | Cookie Policy | |