Find Image Vulnerabilities Using GitHub and Aqua Security Trivy Action

Aqua Cloud Native Blog \ Tags: Aqua Open Source

AQUA OPEN SOURCE
Find Image Vulnerabilities Using GitHub and Aqua Security Trivy Action
Modern-day CI/CD pipelines enable new security approaches and transform the DevOps landscape to accommodate a variety of safety nets into the software supply chain. GitHub Actions is an example of one of those safety nets, making it possible to perform a variety of pipeline steps (build, test, and deploy) from within GitHub. We saw this …
Read more
AQUA OPEN SOURCE, SECURITY RESEARCH
Uncover Malware Payload Executions Automatically with Tracee
We have some exciting news about two new features in Tracee, Aqua’s open source container and system tracing utility. Now, Tracee is much more than just a system call tracer, it’s a powerful tool that can be used to perform forensic investigations and dynamic analysis of binaries – both are incredibly useful when looking for hidden malware. Tracee can provide users with timely insights that previously required special knowledge and tools.
Read more
Uncategorized
Using Trivy to Discover Vulnerabilities in VS Code Projects
For most of us developers, our container security protocol involves some sort of static image scan for vulnerabilities. Unfortunately, to do this usually involves jumping out of one type of software program, like a code editor, to open a completely separate tool to perform the scanning. Well, the open source team at Aqua recognized the …
Read more
AQUA OPEN SOURCE
Starboard: The Kubernetes-Native Toolkit for Unifying Security
There are lots of security tools in the cloud native world, created by Aqua and by others, for identifying and informing users about security issues in Kubernetes environments. However powerful and useful they might be, they tend to sit alongside Kubernetes, with each new product requiring users to learn a separate set of commands and …
Read more
AQUA OPEN SOURCE
Trivy Image Vulnerability Scanner Now Under Apache 2.0 License
In our view, making security tools easy to use is one of the best ways to increase adoption and help end users improve the security of their deployments. One of the strengths of our open source vulnerability scanner for container images, Trivy, is that it’s very easy to install and to integrate into different workflows. That’s …
Read more
KUBERNETES SECURITY
Kube-Query: A Simpler Way to Query Your Kubernetes Clusters
osquery is a SQL powered operating system instrumentation, monitoring, and analytics tool that exposes an operating system as a relational database. Using SQL, you can run queries to gain the status of your entire infrastructure. What’s cool about osquery is how easy it is to use the SQL query interface. kube-query is an open source reporting …
Read more
AQUA OPEN SOURCE
Trivy Vulnerability Scanner Joins the Aqua Open-source Family
If you’re interested in container image vulnerability scanning, there’s a good chance that you have come across the Trivy open source scanning tool. This project has been receiving rave reviews for its ease-of-use, as well as its comprehensive vulnerability tracking across both OS packages and language-specific dependencies.  
Read more
CONTAINER SECURITY
Amazon Firecracker: Isolating Serverless Containers and Functions
Infrastructure protection, sandboxed containers, MicroVM hypervisors– these are interchangeable terms describing emerging technologies to isolate micro-services from their underlying infrastructure. These isolation technologies aim to protect the underlying host that runs containers and functions against malicious escape and breakout attempts into other targets on the same host or on the shared infrastructure. They attempt to provide VM-level isolation …
Read more
Uncategorized
2017 in Review: Major Developments in the Container Ecosystem
From a “humble” $762 million in 2016, containers are predicted to grow faster than any other technology this year (as well as the next) and are on the way to become a $2.7B industry by 2020.
Read more
AQUA OPEN SOURCE
Manifesto: A New Open Source Container Metadata Tool
Here at Aqua Security, we recently released an open source project to help container users manage the metadata associated with their container images. It’s called Manifesto, and it stores free-form metadata in the registry, alongside the images themselves.
Read more
Page 4 of 4‹ Prev1234
Need to secure enterprise workloads?
Aqua Cloud Native Application Protection Platform (CNAPP)
Go cloud native with the experts!
Get Demo
Aqua Security stops cloud native attacks across the application lifecycle and is the only company with a $1M Cloud Native Protection Warranty to guarantee it. As the pioneer in cloud native security, Aqua helps customers reduce risk while building the future of their businesses. The Aqua Platform is the industry's most integrated Cloud Native Application Protection Platform (CNAPP), protecting the application lifecycle from code to cloud and back. Founded in 2015, Aqua is headquartered in Boston, MA and Ramat Gan, IL with Fortune 1000 customers in over 40 countries.
Read Aqua Security reviews on G2

Use Cases

Environments

Partners

Resources

About Us

Get in Touch

Products

Get Started
Copyright © 2024 Aqua Security Software Ltd.   Privacy Policy | Terms of Use | Cookie Settings |  
Accessibility Tools
Normal text size Medium text size Large text size
Normal display Black & White display High contrast display
Stop transitions and animations Underline Links