Automating Kubernetes Security Reporting with Starboard Operator by Aqua

Aqua Cloud Native Blog \ Categories: AQUA OPEN SOURCE

AQUA OPEN SOURCE, KUBERNETES SECURITY

Automating Kubernetes Security Reporting with Starboard Operator by Aqua

Back in June 2020, we released Starboard – an open source toolkit that integrates security tools into a Kubernetes environment. We’re now happy to announce a new Starboard Operator that automates the generation of security reports in your K8s cluster. Using Starboard Operator, you can rely on the tools you’re already familiar with, like kubectl, …

AQUA OPEN SOURCE

Find Image Vulnerabilities Using GitHub and Aqua Security Trivy Action

Modern-day CI/CD pipelines enable new security approaches and transform the DevOps landscape to accommodate a variety of safety nets into the software supply chain. GitHub Actions is an example of one of those safety nets, making it possible to perform a variety of pipeline steps (build, test, and deploy) from within GitHub. We saw this …

AQUA OPEN SOURCE, SECURITY RESEARCH

Uncover Malware Payload Executions Automatically with Tracee

We have some exciting news about two new features in Tracee, Aqua’s open source container and system tracing utility. Now, Tracee is much more than just a system call tracer, it’s a powerful tool that can be used to perform forensic investigations and dynamic analysis of binaries – both are incredibly useful when looking for hidden malware. Tracee can provide users with timely insights that previously required special knowledge and tools.

AQUA OPEN SOURCE

Starboard: The Kubernetes-Native Toolkit for Unifying Security

There are lots of security tools in the cloud native world, created by Aqua and by others, for identifying and informing users about security issues in Kubernetes environments. However powerful and useful they might be, they tend to sit alongside Kubernetes, with each new product requiring users to learn a separate set of commands and …

AQUA OPEN SOURCE

Trivy Image Vulnerability Scanner Now Under Apache 2.0 License

In our view, making security tools easy to use is one of the best ways to increase adoption and help end users improve the security of their deployments. One of the strengths of our open source vulnerability scanner for container images, Trivy, is that it’s very easy to install and to integrate into different workflows. That’s …

AQUA OPEN SOURCE

A Deep Dive into eBPF: The Technology that Powers Tracee

Tracee, by Aqua Security, is an open source, lightweight, and easy to use container and system tracing utility. Tracee allows you to trace events that were generated within containers only, without needing to filter out other system processes.

AQUA OPEN SOURCE

DevSecOps with Trivy and GitHub Actions

The premise of DevSecOps is that in the Software Development Life Cycle (SDLC), each member is responsible for security. This unifies the operations and development teams in terms of security operations. DevSecOps’ goal is to add security to each step of the development process by integrating security controls and processes as early as possible in …

AQUA OPEN SOURCE

Tracee: Tracing Containers with eBPF

This week at Velocity Berlin, I’ll be giving a talk called A Beginner’s Guide to eBPF. To coincide with it, we’re opening up a new Aqua Security open source project called Tracee, which uses eBPF to trace events in containers. This isn’t something that most developers need to do on a day-to-day basis, but for those …

AQUA OPEN SOURCE

Trivy Vulnerability Scanner Joins the Aqua Open-source Family

If you’re interested in container image vulnerability scanning, there’s a good chance that you have come across the Trivy open source scanning tool. This project has been receiving rave reviews for its ease-of-use, as well as its comprehensive vulnerability tracking across both OS packages and language-specific dependencies.

AQUA OPEN SOURCE

Kube-hunter – an open source tool for Kubernetes penetration testing

Aqua released a free tool called kube-hunter to help with Kubernetes Security. You give it the IP or DNS name of your Kubernetes cluster, and kube-hunter probes for security issues – it’s like automated penetration testing.

AQUA OPEN SOURCE

Manifesto: A New Open Source Container Metadata Tool

Here at Aqua Security, we recently released an open source project to help container users manage the metadata associated with their container images. It’s called Manifesto, and it stores free-form metadata in the registry, alongside the images themselves.

AQUA OPEN SOURCE

Kube-Bench: An Open Source Tool for Running Kubernetes CIS Benchmark Tests

The Center for Internet Security provides a number of guidelines and benchmark tests for best practices in securing your code. As Michael Cherny recently described, the CIS has recently published a benchmark for Kubernetes, and now we’re pleased to tell you about our new open source implementation of these tests: kube-bench.

Page 4 of 4‹ Prev 1 2 34

Need to secure enterprise workloads?

Aqua Cloud Native Application Protection Platform (CNAPP)

Go cloud native with the experts!

Get Demo

Aqua Security is the pioneer in securing containerized cloud native applications from development to production. Aqua's full lifecycle solution prevents attacks by enforcing pre-deployment hygiene and mitigates attacks in real time in production, reducing mean time to repair and overall business risk. The Aqua Platform, a Cloud Native Application Protection Platform (CNAPP), integrates security from Code to Cloud, combining the power of agent and agentless technology into a single solution. With enterprise scale that doesn’t slow development pipelines, Aqua secures your future in the cloud. Founded in 2015, Aqua is headquartered in Boston, MA and Ramat Gan, IL protecting over 500 of the world’s largest enterprises.

Read Aqua Security reviews on G2

Use Cases

Environments

Partners

Products

Get Started

Copyright © 2024 Aqua Security Software Ltd. Privacy Policy | Terms of Use | |