Cloud Native Security, Container Security & Serverless Security Sun, 09 Nov 2025 15:59:51 +0000 en-US hourly 1 https://wordpress.org/?v=6.9.4 https://www.aquasec.com/blog/a-brief-history-of-containers-from-1970s-chroot-to-docker-2016/ Wed, 10 Sep 2025 17:00:00 +0000 https://www.aquasec.com/?p=15671 When we first published this blog post in 2017, the technology landscape for containers was quite different than it is today. Over the past few years, we have seen significant changes take place that have affected, and continue to affect how Containers are adopted. Read on to understand the changes and developments we saw and …]]> https://www.aquasec.com/blog/aqua-helps-close-the-devsec-gap-with-shift-left-security/ Wed, 25 Jun 2025 12:00:48 +0000 https://www.aquasec.com/?p=25774 Shifting security left has many benefits. Developers today have more ownership and responsibility for secure coding practices than ever before. However, this does not mean that the entire security burden falls on developers. Cloud native environments evolve rapidly. Teams rely on open source packages, build and deploy containers on demand, and push changes through CI/CD …]]> https://www.aquasec.com/blog/container-security-risk-assessment/ Wed, 23 Apr 2025 12:00:10 +0000 https://www.aquasec.com/?p=25309 Containers may be mainstream, but securing them in production remains a moving target. As AI adoption scales and environments grow more complex, so too do the risks, especially at runtime, where traditional tools struggle to provide meaningful visibility. These are not legacy exploits like port scans or brute force attempts. Attackers are targeting what happens …]]> https://www.aquasec.com/blog/gigaom-radar-aqua-leads-container-security/ Tue, 18 Feb 2025 13:00:57 +0000 https://www.aquasec.com/?p=24471 Securing containerized applications demands a multi-layered strategy that spans the entire lifecycle from development to production, a challenge Aqua has spent nearly a decade mastering. Aqua’s Container Security solution provides full lifecycle protection by identifying vulnerabilities early in the build phase, integrating acceptance gates in the CI/CD pipeline to minimize risks, and offering real-time runtime …]]> https://www.aquasec.com/blog/securing-azure-container-apps-aca/ Thu, 06 Feb 2025 13:02:44 +0000 https://www.aquasec.com/?p=24463 Azure Container Apps (ACA) is a serverless platform for scalable containerized applications, while abstracting the underlying infrastructure. Since it runs without providing access to its underlying operating system, it has inherent security benefits, but it also presents a challenge for security and compliance tools that were not purpose-built to support such an environment. Aqua is …]]> https://www.aquasec.com/blog/cloud-security-trends-predictions-and-strategies-for-resilience/ Wed, 18 Dec 2024 05:28:51 +0000 https://www.aquasec.com/?p=23893 In 2025, cloud native security is set to undergo transformative progress. As Chief Information Security Officer at Aqua, I’ve seen how rapidly evolving threats and operational demands are driving organizations to redefine their approach to security. The focus is no longer just on adapting to challenges—it’s about deeply embedding security into every facet of development …]]> https://www.aquasec.com/blog/embracing-the-future-aws-customers-leverage-fargate-for-ecs-and-eks-deployments/ Wed, 11 Sep 2024 06:27:53 +0000 https://www.aquasec.com/?p=22452 As organizations advance in their cloud native journey, the adoption of AWS Fargate for ECS (Elastic Container Service) and EKS (Elastic Kubernetes Service) increases. Many customers begin their cloud journey with Amazon ECS, with around 65% of new AWS container customers opting for ECS. This popularity is driven by Fargate’s serverless compute engine, which allows …]]> https://www.aquasec.com/blog/go-deeper-linux-runtime-visibility-meets-wireshark/ Wed, 07 Aug 2024 15:57:42 +0000 https://www.aquasec.com/?p=21380 Aqua Tracee is an open source runtime security and forensics tool for Linux, built to address common Linux security issues. Tracee’s main use case is to be installed in a production environment and continuously monitor system activity and detect suspicious behavior. Some alternative use cases which Tracee can be used for are dynamic malware analysis, …]]> https://www.aquasec.com/blog/aws-kubernetes-security-and-compliance/ Wed, 15 May 2024 12:00:09 +0000 https://www.aquasec.com/?p=20010 Amazon Elastic Kubernetes Service (Amazon EKS) streamlines the process of deploying, managing, and scaling Kubernetes clusters on Amazon Web Services (AWS), sparing users the complexities of setting up and maintaining their own Kubernetes control plane. Kubernetes itself is an open-source platform designed to automate the management, scaling, and deployment of applications within containers.    In …]]> https://www.aquasec.com/blog/cve-2024-3094-newly-discovered-backdoor-in-xz-tools/ Mon, 01 Apr 2024 15:49:06 +0000 https://www.aquasec.com/?p=19576 The xz-utils is a popular compression tool used widely across Linux systems, indicating its critical role in the software ecosystem. The xz-utils backdoor, discovered on March 29, 2024, exposes systems to potential backdoor access and remote code execution. It specifically targets versions 5.6.0 and 5.6.1 of xz-utils on systems using glibc, systemd, and patched OpenSSH. …]]>