Aqua Container Security
Products
Aqua Platform
The most complete cloud native application protection platform (CNAPP) for the entire stack, from development to production
Container Security
Full lifecycle security for all containers
Kubernetes Security
Holistic Kubernetes Security for the Enterprise
Serverless Security
Full lifecycle security for functions
VM Security
Virtual machine workload protection
CSPM
Cloud Security Posture Management
Vulnerability Scanning
CI-integrated scanning for all artifacts
Dynamic Threat Analysis
Hidden malware detection in container images
Platform Integrations
CI/CD, Orchestrators, SIEM, and more
Aqua Open Source
Open source developer-oriented security tools, paving the way for cloud native innovation
kube-bench
kube-hunter
trivy
CloudSploit
Tracee
Starboard
Blog
Introducing KSPM by Aqua: Kubernetes Security Posture Management
Solutions
USE CASES
Automate DevSecOps
Modernize Security
Prove Compliance
Go Hybrid & Multi-Cloud
ENVIRONMENTS
Kubernetes Security
AWS Cloud Security
OpenShift Security
VMware Tanzu Security
Azure Cloud Security
Google Cloud Security
Docker Security
Resources
Aqua Blog
Resource Center
Cloud Native Channel
Team Nautilus Research
Kubernetes 101
Docker 101
Cloud Native Security 101
Cloud Security (CSPM)
Research and Reports
Threat Report: Attacks in the Wild on Container Infrastructure
Company
About Us
Customers
Partners
Newsroom
Upcoming Events
Careers
Support
CONNECT
Contact
Twitter
Facebook
Linkedin
NEWS
Container, Serverless & Cloud Native Security Flash – January 2021
What are Supply Chain Attacks, and How to Guard Against Them
Creating a culture of cybersecurity and tech innovation
Visit the Newsroom
Search
Try Aqua
Get Demo
Resource Center: Containers & Cloud Native Security
eBooks, Product Sheets, Whitepapers, Webinars and Videos
All Types
Blog (99)
Case Study (7)
eBook (6)
Infographic (2)
Podcasts (22)
Research and Reports (9)
Solution Sheet (15)
Video (17)
Webinar (39)
Whitepaper (15)
All Topics
AWS Security (22)
Azure Security (4)
CI/CD (9)
Cloud Native Security (47)
Cloud Security (22)
Cloud Security CSPM (9)
Cloud Workload Protection Platform CWPP (3)
Compliance (9)
Container Deployment (1)
Container Network Security (1)
Container Security (74)
Container Vulnerability (9)
DevOps and DevSecOps (27)
Docker Security (6)
Drift Prevention (1)
Dynamic Container Analysis (8)
EKS Security (1)
Events and Conferences (2)
Google Cloud Security (8)
Hybrid Cloud Security (1)
IBM Cloud (1)
Image Vulnerability Scanning (9)
Kubernetes Security (48)
Kubernetes Security Posture Management KSPM (3)
KubeSec (9)
Liz Rice (2)
Malware Attacks (2)
Open Source (8)
Pivotal Cloud Foundry (7)
RBAC (1)
Red Hat OpenShift (8)
Runtime Security (12)
Secrets Management (5)
Secure VMs (2)
Security Threats (9)
Serverless (13)
Service Mesh (2)
Threat Alert (5)
Vulnerability Management (19)
Get Liz Rice's New Container Security Book
Examining key underlying technologies to help Dev, Sec, and Ops professionals assess security risks and determine appropriate solutions.
Download the eBook
Live Webinars
Watch Live Webinars
Whitepaper
The Ten Riskiest AWS Misconfigurations
Whitepaper
The Essential Guide to Cloud Security Posture Management (CSPM)
Solution Sheet
Securing your K8s Infrastructure with Aqua KSPM
Blog
Boosting Container Security with Rootless Containers
Blog
Infographic: What is CSPM and Why You Need It
Whitepaper
Using open source software to evolve enterprise-class security solutions
Research and Reports
Threat Report: Attacks in the Wild on Container Infrastructure
Blog
KubeSec Enterprise Online North America Kicks Off!
Blog
The 3 Riskiest Cloud Native AWS Configurations
Blog
Aqua’s Top Five Threat Alerts for 2020
Blog
Unveiling Aqua Vulnerability Database, Strengthen Your K8s Clusters
Infographic
What is CSPM and Why You Need It
Blog
Aqua Secures Container Image Support in AWS Lambda
Blog
Auto-Remediation for Secure Configuration in Azure Cloud
Blog
CVE-2020-15275: New Vulnerability Exploits containerd-shim API
Blog
Evaluating and Enforcing Least Privilege in Kubernetes with Aqua KSPM
Blog
Operationalize Your Cloud Native Security with Aqua’s New Dashboard
Blog
Runtime Protection for K8s Workloads Using a Mutating Admission Controller
Blog
Scan Container Images for Vulnerabilities & Hidden Malware with Aqua Wave
Blog
Secure your Digital Transformation on Amazon EKS-Distro with Aqua
Blog
Taking Advantage of Object Labels while Controlling the Human Factor
Blog
Threat Alert: Fileless Malware Executing in Containers
Blog
Automating Kubernetes Security Reporting with Starboard Operator by Aqua
Solution Sheet
Protecting Cloud VMs in Modern Cloud Native Stacks
Blog
CVE-2020-15157: Vulnerability in Containerd Can Leak Cloud Credentials
Case Study
Online Retailer Leverages Aqua to Build Secure Cloud Native Applications from the Start
Blog
Find Image Vulnerabilities Using GitHub and Aqua Security Trivy Action
Blog
Hacktoberfest 2020: Celebrate Open Source with Aqua!
Blog
Introducing KSPM by Aqua: Kubernetes Security Posture Management
Webinar
Secure your cloud-native applications – an AWS customer case study
In partnership with AWS
Case Study
Internet Services Provider Kakaku.com Improves Security and Operational Efficiency with Aqua
Blog
Scanning Registries at Scale with Rules-based Image Pulls
Blog
Threat Alert: Market-First Container Image Built to Attack Kubernetes Clusters
Blog
Deploy Aqua at the Speed of DevOps using Red Hat Marketplace
Blog
Protecting Cloud VMs for Full-Stack Cloud Native Security
Blog
Securing Container Workloads on AWS Bottlerocket
Blog
Threat Alert: Massive Cryptomining Campaign Abusing GitHub, Docker Hub, Travis CI & Circle CI
Webinar
Achieving Least Privilege Access in Kubernetes
A CNCF Webinar
Webinar
Beyond Vulnerability Scanning
KubeSec Online
Blog
Deep Analysis of TeamTNT Techniques Using Container Images to Attack
Webinar
The Sharp Edges of Kubernetes Security
KubeSec Online
Webinar
Kubernetes in the Context of an ISO 27001 Certification
KubeSec Online
Solution Sheet
Aqua Security: The Complete Cloud Native Security Platform
Webinar
kubectl Support for PKCS#11 Hardware Security Module
KubeSec Online
Blog
Uncover Malware Payload Executions Automatically with Tracee
Webinar
The Container Security Checklist
KubeSec Online
Webinar
Kubernetes Secrets - The Good, The Bad and The Ugly
KubeSec Online
Podcasts
BeerSecOps #15 with Cheryl Hung: The CNCF End User Community & Virtual KubeCon
Webinar
DevOps and Security – An Uneven Journey
KubeSec Online
Blog
Achieving a Self-Securing Infrastructure in Public Clouds
Podcasts
BeerSecOps #14: The Evolution of CSPM with Cloudsploit Founders
Blog
Bringing Unconstrained Flexibility to Cloud Native Security
Blog
Threat Alert: An Attack Against a Docker API Leads To Hidden Cryptominers
Research and Reports
2020 Market Guide for Cloud Workload Protection Platforms
Blog
Using Trivy to Discover Vulnerabilities in VS Code Projects
Podcasts
BeerSecOps #13: Security for Serverless Functions with Dean Bryen
Blog
Threat Alert: Attacker Building Malicious Images Directly on Your Host
Solution Sheet
Segregation of Duties in Multi-Tenant Cloud Native Environments
Blog
Role-Based Access Control in Modern Cloud Native Security
Video
Secure Windows Containers on GKE clusters
Case Study
AIB Centralizes their Container Security with Aqua
Blog
Risk-Based Vulnerability Management in Container Images
Video
Running Compliance Checks with Aqua
Blog
Mitigating High Severity CVEs Affecting SaltStack on Public Clouds
Video
Deploying Aqua CSP on AWS Fargate
Blog
Starboard: The Kubernetes-Native Toolkit for Unifying Security
Video
How to Integrate Aqua with a Registry
Blog
Visualize and Prioritize Risks in Kubernetes with Aqua Risk Explorer
Webinar
KubeSec Enterprise Online -
A Webinar Series
A Webinar Series
Webinar
Why You Need & How to Evaluate Cloud Native Security Solution
Educational
Video
How to Deploy Aqua Enforcers on Windows VMs
Video
Deploy Aqua on GKE on the GCP Marketplace
Webinar
Dynamic Analysis of Container Images for Detecting Stealthy Malware
New from Aqua!
Video
Visualize Risks in Your K8s Clusters with Aqua Risk Explorer
Video
Deploying Aqua CSP for ECS in the AWS Marketplace
Blog
Aqua Partners with GCP to Secure Windows Containers on GKE
Video
How to Integrate Aqua with Jenkins
eBook
O'Reilly and Liz Rice - NEW Container Security Book
Podcasts
BeerSecOps #12: Michael Hausenblas on Software Supply Chain Management (via GitOps)
Webinar
Desenvolvimento Ágil e Seguro? - Desafios e Soluções
Blog
Dynamic Threat Analysis for Container Images: Uncovering Hidden Risks
Solution Sheet
Aqua Dynamic Threat Analysis (DTA) for Aqua CSP
Blog
Threat Alert: Kinsing Malware Attacks Targeting Container Environments
Solution Sheet
Aqua Dynamic Threat Analysis (DTA) for Aqua CSPM
Blog
Blocking Attacks in Runtime with Drift Prevention
Blog
CloudSploit Delivers Best Practices for Oracle Cloud Security
Blog
Trivy Image Vulnerability Scanner Now Under Apache 2.0 License
Blog
Scanning Image Layers, Prometheus, and Harbor Integrations
Podcasts
BeerSecOps #11: Liz Rice - The Container Security Book
Blog
Aqua CSP Globally Whitelisted for ARO: Red Hat OpenShift on Azure
Blog
Kube-Query: A Simpler Way to Query Your Kubernetes Clusters
Webinar
Defense in Depth: Securing Your Kubernetes Workloads on VMware Enterprise PKS
Podcasts
BeerSecOps #10: Tanya Janca – AppSec Education
Webinar
AppDev in Kubernetes: Automation and Security with Azure Red Hat OpenShift
Podcasts
BeerSecOps #09: Gene Kim – The Unicorn Project
Webinar
AWS & Aqua Security: Integrated Dashboard Prioritizes Cloud Native Security Alerts
Webinar
Prevention is Better Than Cure - A KubeSec Encore Presentation
Blog
Cloud Native Security Best Practices: Using Kubernetes Admission Controller for Image Assurance
Webinar
A Calculated, Visual, Risk-Based Approach for Exploring Your Security Risks
Blog
Announcing General Availability of CloudSploit by Aqua for GCP
Webinar
Harbor Image Scanning Adapter Setup
Podcasts
BeerSecOps #08: Kelsey Hightower
Webinar
Hack-Proofing Your Kubernetes Clusters
Case Study
Clarizen secures Kubernetes-based cloud native apps on AWS with Aqua Security
Blog
Threat Alert: Exploiting Open Docker Daemons for DDoS Attacks
Blog
A Deep Dive into eBPF:
The Technology that Powers Tracee
Blog
What You Need to Know About AWS Lambda Functions Risk Mitigation
Solution Sheet
CloudSploit Solution Sheet
Blog
Cloud Native Best Practices: Security Policies in CI/CD Pipelines
Podcasts
Adrian Goins, Rancher, Rio, & Farming
Webinar
2020 Blueprint for Cloud Native Security
Case Study
NCR Securely Transitions to Multi-Cloud Microservices Applications with Aqua
Blog
A Brief History of Containers: From the 1970s Till Now
Blog
Cloud Native Security Best Practices: Vulnerability Management
Webinar
Trends in Data Security for Containers
Blog
DevSecOps with Trivy and GitHub Actions
Blog
Pluggable Image Vulnerability Scanners for Harbor
Podcasts
Meet Elissa Shevinsky, Founder & CEO of Faster Than Light, Author of "Lean Out"
Blog
Aqua Integrates with AWS Security Hub: Closing the Gap on Cloud Native Security
Webinar
Cloud Native Application Platform Security 101
Podcasts
BeerSecOps #05:
With Michael Man The Man Behind the DevSecOps London Gathering
Case Study
A CloudSploit Case Study:
Trek10's Three AWS Cloud Security Concerns
& One Solution
Webinar
Aqua Cloud Security Posture Management with CloudSploit
Webinar
Pivotal and Aqua Security: Full-Stack Security for Enterprise PKS
Blog
Expanding into CSPM and Deepening Cloud VM Security
Podcasts
All About OWASP
with Sam Stepanyan
Podcasts
DtSR Episode 368
Contain(er) Your Security
Podcasts
DevSecOps - Humans Vs Non-Humans
with Josh Kirkwood
Podcasts
Go Time - Episode #97 Live from Gophercon UK with Liz Rice
Podcasts
Cloud Native and Open Source
with Liz Rice
Podcasts
Discussing GitOps with
Andy Martin (Control Plane)
Blog
Tracee: Tracing Containers with eBPF
Blog
Performance-Optimized Runtime Protection for Serverless Functions
with Aqua
Blog
Optimized Logging for Container Workloads Using AWS FireLens
Solution Sheet
Aqua Security for Pivotal Application Service (PAS)
Blog
Cloud VM Security
with Aqua CSP
Research and Reports
CyberEdge Group:
Annual Cyberthreat Defense Report
Blog
CVE-2019-14287 sudo Vulnerability Allows Bypass of User Restrictions
eBook
Operating Kubernetes Clusters and Applications Safely
Webinar
Kubernetes RBAC: Audit Your Cluster’s RBAC Configuration for Vulnerabilities
Whitepaper
Kubernetes and the Enterprise: A DZone Kubernetes Trend Report
Whitepaper
Container Adoption Report:
Understanding Container Adoption With a Special Focus on Container Security
Blog
Native Runtime Protection for
Pivotal Cloud Foundry
Webinar
Pivotal Platform - Getting Started with Native Runtime Protection for PAS
Whitepaper
DevSecOps, Making it Happen: The Essential DevSecOps Guide
Blog
Securing Hybrid Cloud Workloads on Google Anthos
Whitepaper
The Definitive Guide to Securing Kubernetes
Podcasts
GopherCon 2019 Spotlight, Part 2
with Liz Rice
Blog
Kubernetes RBAC: Asking for Forgiveness or Getting Permission
Webinar
Container Security: How to Protect Your Production Environment from Threats
Webinar
Just Download and Run – Trivy Open Source Scanner for Container Images
Blog
Protecting Kubernetes Secrets:
A Practical Guide
Solution Sheet
Aqua Security for VMware Enterprise PKS
Blog
DNS Spoofing on Kubernetes Clusters
Webinar
Introduction to Kubernetes Security
An Aqua and WeaveWorks Joint webinar
Webinar
Virtual Container Patching: Control Known Vulnerabilities Detected in Container Images
Research and Reports
How Aqua Secures Containers From Development To Production
Research and Reports
451 Business Impact Brief:
Security for Cloud Native Compute
Will Be Different
Blog
Kubernetes Pod Escape
Using Log Mounts
Blog
Aqua Operator: Automating Security for Kubernetes
Webinar
Aqua Serverless Security for AWS Lambda
Blog
Knative: The Serverless Environment for Kubernetes Fans
Blog
Security Configuration Benchmarks for Kubernetes
Webinar
Vulnerability Management Strategies for Cloud Native Security
Case Study
Video compliance tech innovator Theta Lake ensures compliance on Amazon ECS
Webinar
Protéger vos applications conteneurisées du développement
Webinar
Rethinking Cloud Security for Cloud Native Applications
Solution Sheet
Aqua Security for AWS Lambda Functions
Webinar
57 Easy Steps to Secure Serverless Functions
Whitepaper
Securing Containers and Serverless
on AWS
Research and Reports
Frost & Sullivan Report
Serverless Security Maturing: Serverless Adoption & Competitive Security Options are Expanding
Research and Reports
Securosis Analyst Report:The Guide to Enterprise Container Security
Research and Reports
A SANS Survey:Secure DevOps: Fact or Fiction?
Webinar
From Containers to Serverless: Keys to Securing Cloud Native Workloads
Webinar
Shifting Left:
Security Through Automation
Blog
Istio Security: Zero-Trust Networking
Blog
Security for Pivotal PAS and PKS
Blog
Serverless Security: The Importance of FaaS Risk Assessment
Podcasts
DevOps Chat: Container Security and Aqua 3.5
Webinar
Deploying a PCI DSS-Compliant Kubernetes Cluster
Blog
Istio: The Enterprise Upgrade Path to Microservices
Blog
Severe Privilege Escalation Vulnerability in Kubernetes (CVE-2018-1002105)
Research and Reports
A DZone RefCard:
Kubernetes Security
Whitepaper
Security in the New World of Containers and Serverless
eBook
Container Security:
10 Things DevOps Need to Do
Solution Sheet
Aqua Security for
Azure Container Service
and Windows Containers
Solution Sheet
Aqua for Commercial Kubernetes Apps in GCP Marketplace
eBook
Kubernetes Deployments &
Security Patterns
Solution Sheet
Aqua Security for AWS
Cloud Native Workloads
Blog
Active Workload Protection
on AWS Fargate
Whitepaper
NIST SP 800-190
Container Security Guide
Podcasts
Improve Security with Automated Image Scanning Through CI/CD
With Liz Rice, Technology Evangelist
Blog
Kube-Bench: An OSS Tool for Running Kubernetes CIS Benchmark Tests
eBook
CI/CD with Kubernetes:
Use cases and best practices for how Kubernetes helps facilitate CI/CD
Blog
Streamline Image
Vulnerability Management for
OpenShift Image Streams
Podcasts
Red Hat OpenShift: Container Vulnerability Scanning
Blog
Kube-hunter: An Open Source Tool for Kubernetes Penetration Testing
Solution Sheet
Aqua Container Security for Red Hat Openshift
Blog
Aqua Integrates with Google’s Cloud Security Command Center
Blog
Aqua MicroScanner:
Free Image Vulnerability Scanning Plugin for Jenkins
Blog
Docker Security Best Practices
eBook
Containers Development & Management
DZone Guide
Video
Kubernetes, Metadata, and You (KubeCon NA 2017)
Blog
Kubernetes Security Deep-Dive
Blog
Using Aqua to Secure Applications on Pivotal Cloud Foundry
Video
Equifax Breach Contained by Containers
Whitepaper
Compliance Guide: Achieving HIPAA Compliance for Containers
Video
Demo of Aqua Security for PCF
Blog
Aqua on OpenShift
Level-Up Your Container Security Game - Part I
Whitepaper
Achieving PCI-DSS Compliance for Containers
Blog
Securing Serverless: Persistent Security for Ephemeral Environments
Whitepaper
The Ultimate Guide to Secrets Management in Containers
Blog
How to Secure Amazon ECS Workloads On Demand
Whitepaper
Compliance Guide: Achieving GDPR Compliance for Containers
Video
Containers from Scratch - The Sequel (ContainerCamp AU 2017)
Video
Your Secret's Safe with Me - Securing Container Secrets with Vault
Blog
MicroScanner: Free Image Vulnerability Scanner for Developers
Blog
Grafeas and Image Vulnerability Scanning
Blog
Kubernetes 1.10: What’s New in Security
Blog
Governance and Control for The Container Supply Chain Using Aqua Security and Google Grafeas
Solution Sheet
Aqua - ArcSight Product Brieft
Podcasts
Aqua Security Locking Down the Container Security Market
Blog
Managing Secrets in Docker Containers
Blog
Securing Containers on OpenShift
Video
Containers: The Dr. Jekyll and Mr. Hyde of Security - RSAC 2017 Presentation
Video
Docker Image Vulnerability Scanning in Microsoft Visual Studio Team Services
Video
Scanning Docker Images on a Massive Scale
Infographic
Infographic: DevOps, Security or DevSecOps?
Blog
Protecting Hybrid-Cloud Workloads? Lessons from ESG Survey
Blog
Docker Networking and Kubernetes Networking Tools
