Cloud Native Security, Container Security & Serverless Security Mon, 04 Nov 2024 13:59:49 +0000 en-US hourly 1 https://wordpress.org/?v=6.6.2 https://www.aquasec.com/blog/5-must-see-sessions-at-kubecon-north-america/ Mon, 04 Nov 2024 04:42:07 +0000 https://www.aquasec.com/?p=23393 Who’s getting excited? Next week, the Cloud Native Computing Foundation’s flagship conference, KubeCon + CloudNativeCon, will kick off in Salt Lake City, Utah. In its ninth year, the conference has grown into more than just a technical conference—it’s a vibrant community event that offers attendees the tools, relationships, and inspiration to drive innovation in the …]]> https://www.aquasec.com/blog/introducing-vex-hub-unified-repository-for-vex-statements/ Mon, 16 Sep 2024 03:30:05 +0000 https://www.aquasec.com/?p=22575 VEX (Vulnerability eXploitability Exchange) is an emerging industry standard for communicating the relevance and impact of security vulnerabilities on software artifacts. This approach allows software maintainers to indicate when a specific vulnerability in a software dependency is irrelevant to their software due to the specific use case of that dependency. By conveying this crucial information …]]> https://www.aquasec.com/blog/scanning-kbom-for-vulnerabilities-with-trivy/ Mon, 06 Nov 2023 11:56:28 +0000 https://www.aquasec.com/?p=14209 Early this summer we announced the release of Kubernetes Bills of Material (KBOM) as part of Trivy, our all in one, popular open source security scanner. In the blog we discussed how KBOM is the manifest of all the important components that make up your Kubernetes cluster: Control plane components, Node Components, and Addons, including …]]> https://www.aquasec.com/blog/trivy-kubernetes-cis-benchmark-scanning/ Wed, 19 Apr 2023 09:59:00 +0000 https://www.aquasec.com/?p=14431 CIS (Center for Internet Security) compliance scanning is a standard in Kubernetes (K8s) security and is widely adopted across the industry with implementations in several security scanners. Kube-bench, an open source project developed by Aqua Security was one of the first projects to provide Kubernetes CIS compliance scanning and became a staple in K8s security. …]]> https://www.aquasec.com/blog/kubernetes-benchmark-scans-trivy-cis-nsa-reports/ Tue, 31 Jan 2023 18:11:13 +0000 https://www.aquasec.com/?p=14486 One of Trivy’s core features is Trivy Kubernetes for in-cluster security scans of running workloads. This tutorial will showcase how to generate CIS and NSA reports both through the Trivy CLI and the Trivy Operator. Additionally, we will look at how users can add the Kubernetes Specification for their own Compliance Report format to expand …]]> https://www.aquasec.com/blog/trivy-now-scans-amazon-machine-images-amis/ Thu, 01 Dec 2022 16:42:49 +0000 https://www.aquasec.com/?p=14538 While more and more companies are moving to a cloud native technologies to manage their workloads and infrastructure, Virtual Machines (VMs) remain a staple infrastructure that powers many existing organizations and applications. Trivy, the all-in-one open-source security scanner, already scans most of the cloud native stack including containers, clusters, and clouds. Today, we are announcing …]]> https://www.aquasec.com/blog/trivy-scans-unpackaged-binary-files/ Wed, 02 Nov 2022 17:51:23 +0000 https://www.aquasec.com/?p=14562 Trivy, the all-in-one security scanner, is now able to scan binary files in your scan targets such as container images. Most security scanners rely on package managers to discover vulnerabilities. Trivy now uses Rekor from Sigstore to look up the hash of a binary file. If a relevant SBOM is found through the hash, Trivy …]]> https://www.aquasec.com/blog/vulnerability-scanning-trivy-vs-the-trivy-operator/ Thu, 13 Oct 2022 15:29:20 +0000 https://www.aquasec.com/?p=14592 Over the past few months Aqua Trivy, the all-in-one cloud native security scanner, has rapidly grown in features and tapped into new use cases. In this blog post, we will explore An overview of Trivy The different use cases that Trivy covers An overview of the Trivy Operator The difference between Trivy and the Trivy …]]> https://www.aquasec.com/blog/triaging-trivy-aws-alerts-with-postee-and-aws-security-hub/ Fri, 30 Sep 2022 09:00:00 +0000 https://www.aquasec.com/?p=14600 Security operators are getting overloaded with alerts and information coming from a variety of sources. Without proper automation and triage, this information often gets lost and unactioned upon. With Postee, this can be remediated with automating commonly taken operator actions ahead of time. Recently, we added the capability for Postee alerts to be sent to …]]> https://www.aquasec.com/blog/now-you-can-scan-your-aws-services-for-security-issues-with-trivy/ Mon, 12 Sep 2022 19:32:07 +0000 https://www.aquasec.com/?p=14652 Every cloud provider has different resources that require detailed understanding to scan for security issues. To make this easier, cloud providers offer built-in security scanners. However, those may often lack functionality and integration into your existing stack. To make security scanning easier, we have added Cloud Security Scanning to Trivy starting with Trivy AWS. This …]]>