Aqua News Aqua Security Surfaces Threat to Container Hosts

Aqua Security this week reported a new type of cyberattack that exploits Docker application programming interfaces (APIs) to build and run a malicious container image on the host.

Asaf Morag, lead data analyst for Aqua Security, says this approach enables cybercriminals to end-run static analysis tools that only discover malicious code prior to it being deployed in a runtime environment. Cybercriminals are essentially taking advantage of a host’s ability to spin up Docker containers in seconds to evade detection by static analysis tools, he says.

Previously, most container security research focused on container images before they are deployed. However, Morag notes it appears cybercriminals are now taking advantage of containers to launch attacks directly on the host.

Need to secure enterprise workloads?

Aqua Cloud Native Application Protection Platform (CNAPP)

Go cloud native with the experts!

Get Demo

Aqua Security

Aqua Security is the pioneer in securing containerized cloud native applications from development to production. Aqua's full lifecycle solution prevents attacks by enforcing pre-deployment hygiene and mitigates attacks in real time in production, reducing mean time to repair and overall business risk. The Aqua Platform, a Cloud Native Application Protection Platform (CNAPP), integrates security from Code to Cloud, combining the power of agent and agentless technology into a single solution. With enterprise scale that doesn’t slow development pipelines, Aqua secures your future in the cloud. Founded in 2015, Aqua is headquartered in Boston, MA and Ramat Gan, IL protecting over 500 of the world’s largest enterprises.

Use Cases

Environments

Partners

Products

Get Started