Cloud Native Security, Container Security & Serverless Security Thu, 26 Feb 2026 14:03:13 +0000 en-US hourly 1 https://wordpress.org/?v=6.9.4 https://www.aquasec.com/blog/when-ai-writes-scans-and-fixes-code-runtime-becomes-the-last-line-of-defense/ Thu, 26 Feb 2026 07:04:42 +0000 https://www.aquasec.com/?p=27357 Anthropic recently launched Claude Code Security. Using its most advanced model, Claude Opus 4.6, the tool found over 500 high-severity vulnerabilities in production open-source codebases. These are bugs with security implications that had survived decades of expert review, continuous fuzzing, and multiple layers of automated scanning. The cybersecurity market reacted badly: roughly $15 billion in …]]> https://www.aquasec.com/blog/cloud-threat-detection-and-the-growing-role-of-secops/ Thu, 08 Jan 2026 07:30:46 +0000 https://www.aquasec.com/?p=27281 Cloud threat detection is changing as attacks increasingly unfold inside running workloads rather than in static code or configuration layers. This shift affects how detection works in practice and how security teams are able to investigate incidents once alerts appear. In cloud environments, security operations rely on real time visibility to understand what workloads are …]]> https://www.aquasec.com/blog/selective-memory-dump-for-deep-container-forensic-analysis/ Mon, 17 Nov 2025 12:55:43 +0000 https://www.aquasec.com/?p=27025 Every attack leaves a trail, but in containerized environments, that trail can vanish before you even realize you have been attacked. Containers are short-lived, and attackers exploit this by executing malware in memory, loading hidden payloads, or deploying rootkits, then silently modifying or deleting evidence to cover their tracks. By the time security teams are …]]> https://www.aquasec.com/blog/github-action-tj-actions-changed-files-compromised/ Sat, 15 Mar 2025 21:41:22 +0000 https://www.aquasec.com/?p=24868 On March 14th, 2025, security researchers discovered a critical software supply chain vulnerability in the widely-used GitHub Action tj-actions/changed-files (CVE-2025-30066). This vulnerability allows remote attackers to expose CI/CD secrets via the action’s build logs. The issue affects users who rely on the tj-actions/changed-files action in GitHub workflows to track changed files within a pull request. …]]> https://www.aquasec.com/blog/walk-the-line-high-fidelity-incident-detection-without-disruption/ Thu, 10 Oct 2024 03:24:14 +0000 https://www.aquasec.com/?p=23040 In the dynamic world of cloud native, security teams are inundated with an overwhelming flood of alerts—far too many for any team to realistically manage. This constant barrage creates a risky dilemma: sift through the noise or silence alerts, risking missing real attacks. Like Johnny Cash’s “Walk the Line,” security teams must strike a careful …]]> https://www.aquasec.com/blog/go-deeper-linux-runtime-visibility-meets-wireshark/ Wed, 07 Aug 2024 15:57:42 +0000 https://www.aquasec.com/?p=21380 Aqua Tracee is an open source runtime security and forensics tool for Linux, built to address common Linux security issues. Tracee’s main use case is to be installed in a production environment and continuously monitor system activity and detect suspicious behavior. Some alternative use cases which Tracee can be used for are dynamic malware analysis, …]]> https://www.aquasec.com/blog/understanding-the-importance-of-runtime-security-in-cloud-native-environments/ Mon, 17 Jun 2024 12:46:23 +0000 https://www.aquasec.com/?p=20495 Gartner has estimated that “90% of global organizations will be running containerized applications in production by 2026—up from 40% in 2021.”   The inherent benefits of cloud native application development enable developers to introduce new code into the environment at an accelerated rate. However, the dynamic nature of these environments amplifies the risks associated with runtime …]]> https://www.aquasec.com/blog/combat-zero-day-threats-with-aquas-ebpf-lightning-enforcer/ Tue, 22 Nov 2022 11:00:00 +0000 https://www.aquasec.com/?p=14558 We are excited to announce the latest addition to our portfolio, our eBPF-based Aqua Lightning Enforcer. It’s designed for busy security professionals to detect zero-day attacks and sophisticated threats that occur in runtime. It utilizes eBPF technology, making it more effective, safer, and faster. The new Lightning Enforcer and our Runtime Protection solution is an …]]> https://www.aquasec.com/blog/tracee-rules-detect-attackers-out-of-the-box/ Thu, 10 Nov 2022 11:00:00 +0000 https://www.aquasec.com/?p=14559 Aqua Tracee is an open source runtime security and forensics tool for Linux. It can help you detect suspicious behavior at runtime using an extensive data collection engine and a sophisticated rules engine. You can further read about the development of Tracee in our blog The Story of Tracee: The Path to Runtime Security Tool. …]]> https://www.aquasec.com/blog/workload-protection-realtime-security/ Thu, 04 Aug 2022 15:44:44 +0000 https://www.aquasec.com/?p=14673 Attackers are sophisticated, there is always a lag between zero days and mitigation, and production workloads are critical. So why is the adoption of runtime security for cloud native applications still lower than shift-left security practices for the same applications? We will discuss this, along with the solution, in this blog. Earlier this week, we …]]>