Shadow Roles: AWS Defaults Can Open the Door to Service Takeover
Sign in
Contact
Support
We're hiring!
Aqua Security
Platform
Solutions
Resources
Company
Platform
Aqua Platform
Unified Cloud Security
Gain total lifecycle visibility, reduce risks and stop attacks with the most comprehensive, fully integrated CNAPP, AI security and AI-guided remediation.
Platform overview
All platform Integrations
Aqua CNAPP in action
Aqua Open Source
Driving security innovation in the cloud native community
Trivy
Tracee
Code Security
Scanning & Assurance
Scan artifacts across the entire software development lifecycle
Software Supply Chain Security
Protect your code, tools, and processes
Vulnerability Management
Advanced Code-to-Cloud vulnerability management to reduce noise and fix fast
Runtime Security
Container Security
Full lifecycle advanced protection for containerized applications
Cloud Workload Protection (CWPP)
Runtime protection for every cloud native workload
Hybrid-Cloud & Multi-Cloud Security
Code to Cloud security for hybrid and multi-cloud deployments
Posture Management
CI/CD Pipeline Security
Automate DevSecOps
Kubernetes Security
Holistic Kubernetes Security for the Enterprise
Cloud Security Posture Management
Extend traditional CSPM with workload visibility
What's New?
From Prompt to Production: Runtime Protection for AI Workloads
What’s Really Happening in Your Containers? Aqua’s Risk Assessment Has the Answer
New in Aqua Hub: Cut Through Alert Noise and Fix Toxic Combinations First
Solutions
Use Cases
Automate DevSecOps
Security and speed without compromise
GenAI Application Security
Secure GenAI Applications from Code to Runtime
Detection and Response
Cloud native detection & Response (CNDR)
Hybrid-Cloud & Multi-Cloud
Security for hybrid and multi-cloud deployments
Prove Compliance
Controls for PCI, HIPAA, GDPR, and beyond
Solutions
Docker Security
Enterprise-Grade security for Docker environments
AWS Cloud Security
Protect cloud native workloads on AWS
Google Cloud Security
Secure K8s apps on Google Cloud Platform
OpenShift Security
Cloud Native Security for Red Hat OpenShift
VMware Tanzu Security
Native security across VMware Tanzu
Azure Cloud Security
Complete Security for Azure Container Workloads
Industry
Federal
CNAPP solution for Federal Government
Financial Services
One platform for financial services
eBook
Hybrid Cloud, Multi-Cloud, Every Cloud, Secured.
Resources
The best of cloud native
Aqua Blog
Expert insight, best practices and advice on cloud native security, trends, threat intelligence and compliance
Read the Blog
SEC vs. SolarWinds: A Cybersecurity Game Changer for CISOs
Accenture and Aqua Partner to Empower Cloud Security
Resources
Resources Center
eBooks, Data sheets, Whitepapers, Webinars, and much more
The Cloud Native Channel
Cloud native security webinars & videos
Aquademy
The Aqua academy
Cloud Native Wiki
The educational center for everything cloud native
Docker Containers
Software supply chain security
Cloud security
Kubernetes
Application Security
DevSecOps
Aqua research team
Security research focused on the cloud native stack to identify new threats and attack vectors
More security research
2023 Annual Aqua Nautilus Research
A Comprehensive Cloud Native Threat Report
Company
Recognized Leadership
CISO Choice Awards
Winner for Cloud Workload Protection Platform (CWPP)
Forrester Consulting: The Total Economic Impact™ of Aqua CNAPP
90% Reduction in vulnerability research and detection time
Frost & Sullivan CNAPP report
Top innovation leader
About Us
Newsroom
Customers
Partners
Careers
Support
Services
Upcoming Events
Connect
Contact
Twitter
Facebook
Linkedin
Instagram
News
AWS Default IAM Roles Found to Enable Lateral Movement and Cross-Service Exploitation
Aqua Security Named Winner in the 2025 Cloud Security Awards
Aqua Security Achieves AWS Government Competency Status
Search
Get Started
Resource Center
›
Whitepaper
All Topics
GenAI Security
Kubernetes Security KSPM
Financial Services
CWPP
cloud attacks
Federal cloud native security
Software supply chain security
CNAPP
Container Security
AWS Security
Azure Security
CI/CD
Cloud Native Security
Cloud Security
CSPM
Compliance
Container Vulnerability
DevOps and DevSecOps
Docker Security
Dynamic Container Analysis
Google Cloud Security
Image Vulnerability Scanning
Open Source
Pivotal Cloud Foundry
Red Hat OpenShift
Runtime Security
Secrets Management
Secure VMs
Security Threats
Serverless
Service Mesh
Vulnerability Management
Whitepaper
Mastering Cloud Native Vulnerability Management
eBook
Container Security Checklist
Whitepaper
Digital Operation Resilience Act (DORA):
How Financial Institutes Meet the Standard
Research and Reports
Kinsing Demystified: A Comprehensive Technical Guide
Whitepaper
DevSecOps, Making it Happen: The Essential DevSecOps Guide
Whitepaper
The 2023 Buyer’s Guide for Cloud Native Application Protection Platforms (CNAPPs)
Whitepaper
Best Practices for Securing Cloud Native Worklods on AWS
Whitepaper
Unified Security from Code to Cloud for Financial Services Institutions
Whitepaper
How to Protect FinServs from Cyber and Compliance Risk Banking on Cloud Native Security
Whitepaper
13 Recommendations: Mitigate Risk from Exposed Registries & Artifact Repositories
Whitepaper
MAS IT Cloud Security Advisory
Whitepaper
451 Business Impact Brief Kubernetes Security Must Unify Strategy
Whitepaper
451 Business Impact Security for Software Must Begin with the Supply Chain
Whitepaper
451 Business Impact The Value of a Platform Approach to Cloud-Native Security
Whitepaper
A Compliance Guide: NIST Secure Software Development Framework
Whitepaper
The Zero Trust Guide to Cloud Architecture
Whitepaper
7 Top Things You Should Know About Software Supply Chain Security Compliance
Whitepaper
The CISO's guide to CNAPP
Whitepaper
Aqua Security Federal Government Capability Statement
Whitepaper
The Security Risks of Using Open Source Software
Whitepaper
The 10 Most Common Azure Configuration Challenges
Whitepaper
Debunking the Top Seven Cloud Native Security Myths
Whitepaper
The 15 Riskiest AWS Misconfigurations
Whitepaper
Using open source software to evolve enterprise-class security solutions
Whitepaper
Securing Containers and Serverless
on AWS
Whitepaper
NIST SP 800-190
Container Security Guide
Whitepaper
Compliance Guide: Achieving HIPAA Compliance for Containers
Whitepaper
Supporting PCI-DSS Compliance for Cloud Native Environments
Whitepaper
Compliance Guide: Achieving GDPR Compliance for Containers
Aqua Security
