Shadow Roles: AWS Defaults Can Open the Door to Service Takeover
Sign in
Contact
Support
We're hiring!
Aqua Security
Platform
Solutions
Resources
Company
Platform
Aqua Platform
Unified Cloud Security
Gain total lifecycle visibility, reduce risks and stop attacks with the most comprehensive, fully integrated CNAPP, AI security and AI-guided remediation.
Platform overview
All platform Integrations
Aqua CNAPP in action
Aqua Open Source
Driving security innovation in the cloud native community
Trivy
Tracee
Code Security
Scanning & Assurance
Scan artifacts across the entire software development lifecycle
Software Supply Chain Security
Protect your code, tools, and processes
Vulnerability Management
Advanced Code-to-Cloud vulnerability management to reduce noise and fix fast
Runtime Security
Container Security
Full lifecycle advanced protection for containerized applications
Cloud Workload Protection (CWPP)
Runtime protection for every cloud native workload
Hybrid-Cloud & Multi-Cloud Security
Code to Cloud security for hybrid and multi-cloud deployments
Posture Management
CI/CD Pipeline Security
Automate DevSecOps
Kubernetes Security
Holistic Kubernetes Security for the Enterprise
Cloud Security Posture Management
Extend traditional CSPM with workload visibility
What's New?
From Prompt to Production: Runtime Protection for AI Workloads
What’s Really Happening in Your Containers? Aqua’s Risk Assessment Has the Answer
New in Aqua Hub: Cut Through Alert Noise and Fix Toxic Combinations First
Solutions
Use Cases
Automate DevSecOps
Security and speed without compromise
GenAI Application Security
Secure GenAI Applications from Code to Runtime
Detection and Response
Cloud native detection & Response (CNDR)
Hybrid-Cloud & Multi-Cloud
Security for hybrid and multi-cloud deployments
Prove Compliance
Controls for PCI, HIPAA, GDPR, and beyond
Solutions
Docker Security
Enterprise-Grade security for Docker environments
AWS Cloud Security
Protect cloud native workloads on AWS
Google Cloud Security
Secure K8s apps on Google Cloud Platform
OpenShift Security
Cloud Native Security for Red Hat OpenShift
VMware Tanzu Security
Native security across VMware Tanzu
Azure Cloud Security
Complete Security for Azure Container Workloads
Industry
Federal
CNAPP solution for Federal Government
Financial Services
One platform for financial services
eBook
Hybrid Cloud, Multi-Cloud, Every Cloud, Secured.
Resources
The best of cloud native
Aqua Blog
Expert insight, best practices and advice on cloud native security, trends, threat intelligence and compliance
Read the Blog
SEC vs. SolarWinds: A Cybersecurity Game Changer for CISOs
Accenture and Aqua Partner to Empower Cloud Security
Resources
Resources Center
eBooks, Data sheets, Whitepapers, Webinars, and much more
The Cloud Native Channel
Cloud native security webinars & videos
Aquademy
The Aqua academy
Cloud Native Wiki
The educational center for everything cloud native
Docker Containers
Software supply chain security
Cloud security
Kubernetes
Application Security
DevSecOps
Aqua research team
Security research focused on the cloud native stack to identify new threats and attack vectors
More security research
2023 Annual Aqua Nautilus Research
A Comprehensive Cloud Native Threat Report
Company
Recognized Leadership
CISO Choice Awards
Winner for Cloud Workload Protection Platform (CWPP)
Forrester Consulting: The Total Economic Impact™ of Aqua CNAPP
90% Reduction in vulnerability research and detection time
Frost & Sullivan CNAPP report
Top innovation leader
About Us
Newsroom
Customers
Partners
Careers
Support
Services
Upcoming Events
Connect
Contact
Twitter
Facebook
Linkedin
Instagram
News
AWS Default IAM Roles Found to Enable Lateral Movement and Cross-Service Exploitation
Aqua Security Named Winner in the 2025 Cloud Security Awards
Aqua Security Achieves AWS Government Competency Status
Search
Get Started
Resource Center
›
Research and Reports
All Topics
GenAI Security
Kubernetes Security KSPM
Financial Services
CWPP
cloud attacks
Federal cloud native security
Software supply chain security
CNAPP
Container Security
AWS Security
Azure Security
CI/CD
Cloud Native Security
Cloud Security
CSPM
Compliance
Container Vulnerability
DevOps and DevSecOps
Docker Security
Dynamic Container Analysis
Google Cloud Security
Image Vulnerability Scanning
Open Source
Pivotal Cloud Foundry
Red Hat OpenShift
Runtime Security
Secrets Management
Secure VMs
Security Threats
Serverless
Service Mesh
Vulnerability Management
Research and Reports
Gartner CTO's Guide to Containers and Kubernetes: Top 10 FAQs
New Gartner Guide
Research and Reports
Gartner: Kubernetes Runtime Security Transforms Workload Protection
Research and Reports
GigaOm Radar Report for Container Security
New Report
Research and Reports
GigaOm Radar Report for Software Supply Chain Security
New Report
Research and Reports
Unlock the True ROI of Cloud Security with Aqua
New Report
Research and Reports
Kinsing Demystified: A Comprehensive Technical Guide
Research and Reports
KuppingerCole Leadership Compass on CNAPP
Research and Reports
GigaOm's First Radar for Cloud Workload Security (CWS)
Research and Reports
Forrester: The Total Economic Impact™ of the Aqua Platform
Research and Reports
TAG Cyber Tech Report: The Evolution of CSPM
Research and Reports
GigaOm Radar for Cloud Security Posture Management (CSPM)
Research and Reports
KuppingerCole Leadership Compass: Software Supply Chain Security
eBook
The State of Cloud Native Security:
An Aqua 2023 Survey
Research and Reports
Cloud Security Report: Cloud Configuration Risks Exposed
Research and Reports
2022 Cloud Native Threat Report: Tracking Software Supply Chain and Kubernetes Attacks
Research and Reports
2023 Aqua Nautilus Research: A Comprehensive Cloud Native Threat Report
Research and Reports
2022 Container Attacks Catalog: A detailed analysis of container attacks
Research and Reports
Cloud Native Threat Report: Attacks in the Wild on the Container Supply Chain and Infrastructure
Research and Reports
GovLoop Cloud Native Security Report for US Federal Government & Agencies
Research and Reports
Cloud Security Report: Cloud Configuration Risks Exposed
Research and Reports
Analyse des menaces visant la « supply chain » dans dans les environnements cloud-native
Aqua Security
