Shadow Roles: AWS Defaults Can Open the Door to Service Takeover

Aqua Cloud Native Blog \ Tags: AWS Security

SECURITY RESEARCH
Shadow Roles: AWS Defaults Can Open the Door to Service Takeover
Security Threat
What if the biggest risk to your cloud environment wasn’t a misconfiguration you made, but one baked into the defaults? Our research uncovered security concerns in the deployment of resources within a few AWS services, specifically in the default AWS service roles. These roles, often created automatically or recommended during setup, grant overly broad permissions, …
Read more
CONTAINER SECURITY
Embracing the Future: AWS Customers Leverage Fargate for ECS and EKS Deployments
As organizations advance in their cloud native journey, the adoption of AWS Fargate for ECS (Elastic Container Service) and EKS (Elastic Kubernetes Service) increases. Many customers begin their cloud journey with Amazon ECS, with around 65% of new AWS container customers opting for ECS. This popularity is driven by Fargate’s serverless compute engine, which allows …
Read more
SECURITY RESEARCH
Bucket Monopoly: Breaching AWS Accounts Through Shadow Resources
Security Threat
During February 2024, we discovered critical vulnerabilities in six AWS services. The impact of these vulnerabilities range between remote code execution (RCE), full-service user takeover (which might provide powerful administrative access), manipulation of AI modules, exposing sensitive data, data exfiltration and denial of service. 
Read more
CONTAINER SECURITY
Elevating AWS Kubernetes Security and Compliance  
Amazon Elastic Kubernetes Service (Amazon EKS) streamlines the process of deploying, managing, and scaling Kubernetes clusters on Amazon Web Services (AWS), sparing users the complexities of setting up and maintaining their own Kubernetes control plane. Kubernetes itself is an open-source platform designed to automate the management, scaling, and deployment of applications within containers.   
Read more
CLOUD SECURITY
Five Misconfigurations Threatening Your AWS Environment Today
In the ever-expanding realm of AWS, with over 200 services at your disposal, securing your cloud account configurations and mastering complex environments can feel like an overwhelming challenge. To help you prioritize and root them out, we’ve put together a guide for AWS configurations that are most commonly overlooked. Here are five of the top …
Read more
PARTNERS & ALLIANCES
Aqua CNAPP Integrates with Amazon Security Lake
Enabling Customers with Visibility and Remediation at Scale As the pioneer in cloud native security, Aqua has been at the forefront of CNAPP innovation. Today, we are pleased to announce our integration with Amazon Security Lake.   This integration allows customers the insights needed to determine their risk posture across all their AWS cloud workloads. …
Read more
PARTNERS & ALLIANCES
Remediate Vulnerabilities with Integrated Aqua and ServiceNow Workflows
The move to cloud native changed the daily operations of security teams. This shift requires teams to monitor the risk embedded within cloud environments, which increases the noise level, and piles up thousands of security issues to handle. This new reality requires different measures to handle relevant incidents based on the risk they impose and …
Read more
CLOUD WORKLOAD PROTECTION
Protecting AWS Fargate Containers at Runtime
Containers as a Service (CaaS) like AWS Fargate have proven to be a valuable mechanism for DevOps teams to build and deploy complex applications at scale. By removing the need for infrastructure management and security, customers can also reduce development costs using AWS Fargate.
Read more
AQUA OPEN SOURCE
Triaging Trivy AWS Alerts with Postee and AWS Security Hub
Security operators are getting overloaded with alerts and information coming from a variety of sources. Without proper automation and triage, this information often gets lost and unactioned upon. With Postee, this can be remediated with automating commonly taken operator actions ahead of time.
Read more
AQUA OPEN SOURCE
New for Trivy: CSPM Identifies Misconfigurations of Your AWS Services
Every cloud provider has different resources that require detailed understanding to scan for security issues. To make this easier, cloud providers offer built-in security scanners. However, those may often lack functionality and integration into your existing stack.
Read more
PARTNERS & ALLIANCES
Aqua Security Becomes AWS Security Competency Partner
Today, we are pleased to announce that Aqua Security has achieved the Security Competency in the Compliance and Privacy category in the relaunch of the Amazon Web Services (AWS) Security Competency. This designation recognizes that the Aqua Cloud Native Protection Platform (CNAPP) has demonstrated proven technology and deep expertise in helping customers achieve their cloud …
Read more
KUBERNETES SECURITY
Securing Kubernetes Everywhere with EKS Anywhere (EKS-A) Bare Metal
With the release of Amazon EKS Anywhere (EKS-A) Bare Metal, Amazon Web Services has expanded the choices of infrastructure to deploy EKS Anywhere clusters using on-premise bare metal servers as a deployment target. In support of this, Aqua has worked to ensure that as customers adopt EKS Anywhere to automate Kubernetes cluster lifecycle management for …
Read more
Page 1 of 41234Next ›
Need to secure enterprise workloads?
Aqua Cloud Native Application Protection Platform (CNAPP)
Go cloud native with the experts!
Get Demo
Aqua Security is the pioneer in securing containerized cloud native applications from development to production. Aqua's full lifecycle solution prevents attacks by enforcing pre-deployment hygiene and mitigates attacks in real time in production, reducing mean time to repair and overall business risk. The Aqua Platform, a Cloud Native Application Protection Platform (CNAPP), integrates security from Code to Cloud, combining the power of agent and agentless technology into a single solution. With enterprise scale that doesn’t slow development pipelines, Aqua secures your future in the cloud. Founded in 2015, Aqua is headquartered in Boston, MA and Ramat Gan, IL protecting over 500 of the world’s largest enterprises.
Read Aqua Security reviews on G2

Use Cases

Environments

Partners

Resources

About Us

Get in Touch

Products

Get Started
Copyright © 2025 Aqua Security Software Ltd.   Privacy Policy | Terms of Use | Cookie Settings |  
Accessibility Tools
Normal text size Medium text size Large text size
Normal display Black & White display High contrast display
Stop transitions and animations Underline Links