VULNERABILITY MANAGEMENT - Aqua Cloud Native Security, Container Security & Serverless Security
Thu, 14 Nov 2024 14:00:54 +0000

New Aqua User Experience: Streamlined Vulnerability Management
https://www.aquasec.com/blog/new-aqua-user-experience-streamline-vulnerability-management/
Thu, 14 Nov 2024 04:10:26 +0000
The new Aqua Hub update is designed to take the headache out of vulnerability management, addressing common challenges like alert overload and data consistency issues. With this update, teams get a clean, streamlined view of vulnerabilities that cuts through the noise, so they can focus on the critical issues without getting lost in irrelevant details. …

Muhstik Malware Targets Message Queuing Services Applications
https://www.aquasec.com/blog/muhstik-malware-targets-message-queuing-services-applications/
Tue, 04 Jun 2024 16:39:29 +0000
Aqua Nautilus discovered a new campaign of Muhstik malware targeting message queuing services applications, specifically the Apache RocketMQ platform. Our investigation revealed that the attackers downloaded the known malware Muhstik onto the compromised instances by exploiting a known vulnerability in the platform. In this blog, we will explore how the attackers exploit the existing vulnerability …

Find the New OpenSSL Vulnerabilities with Trivy
https://www.aquasec.com/blog/find-new-openssl-vulnerabilities-with-trivy/
Tue, 01 Nov 2022 18:21:44 +0000
Today, OpenSSL announced two new CVEs and mitigation recommendations. This blog provides guidance as to how you can identify the OpenSSL vulnerability using Trivy.
To both identify and mitigate the vulnerability, see this blog post, “Updated Security Advisory: New OpenSSL Vulnerabilities”, about mitigation with assurance policies in Aqua’s software supply chain solution. Package installed via …

Vulnerability Management in Container Images from Build to Runtime
https://www.aquasec.com/blog/vulnerability-management-lifecycle/
Thu, 13 May 2021 10:03:53 +0000
When it comes to containerized workloads, resolving the underlying image’s security vulnerabilities is paramount to ensuring the safety of your environment. Getting security risk information into the hands of developers quickly and efficiently is key to keeping development cycles as short as possible while maintaining a strong application security posture. What risk information can you …

Aqua CyberCenter: Elevating Vulnerability Scanning Beyond the NVD
https://www.aquasec.com/blog/vulnerability-scanning-process/
Mon, 22 Mar 2021 11:56:12 +0000
The National Vulnerability Database (NVD), while a valuable source of vulnerability information, is inadequate for today’s cloud native ecosystem and the teams tasked with protecting it. The complex array of platforms, technologies, and deployment methodologies at play in cloud native environments means that detecting and remediating vulnerabilities (e.g., CVEs) does not eliminate all potential attack …

Risk-Based Vulnerability Management in Container Images
https://www.aquasec.com/blog/container-vulnerability-management/
Tue, 14 Jul 2020 12:26:26 +0000
There’s an overwhelming number of vulnerabilities in container images – and the security of your deployments is probably suffering because of it.
No matter the size of your organization, it’s a significant challenge to identify the biggest risks to your business and know what to tackle first. Merely classifying and filtering CVEs by the highest …

Pluggable Image Vulnerability Scanners for Harbor
https://www.aquasec.com/blog/container-image-vulnerability-scanner-harbor/
Wed, 18 Dec 2019 13:53:51 +0000
Harbor is an open source cloud native artifact registry, sponsored by the CNCF, that you can use as a repository for your container images. Harbor provides support for vulnerability scanning of images to make sure they are safe to deploy. We’ve been working with the Harbor team to extend its capabilities with support for pluggable …

Cloud Native Security Best Practices: Vulnerability Management
https://www.aquasec.com/blog/container-vulnerability-management-best-practices/
Thu, 12 Dec 2019 14:35:37 +0000
After four years of securing cloud native applications, our team at Aqua has learned a thing or two about applying best practices in the real world. We’ve seen many organizations succeed in establishing a sound process and tooling to achieve their security goals, and we’ve also seen those who struggle to prioritize and manage their …

Vulnerabilities in the Container Ecosystem: A Brief History
https://www.aquasec.com/blog/container-security-vulnerabilities/
Tue, 30 Apr 2019 13:29:10 +0000
Now that containers have been around for a few years and have had their share of disclosed vulnerabilities, it’s time to revisit some of the more interesting ones and see if there’s a recurring theme or any underlying trend to highlight.
We found some of the more severe CVEs disclosed during 2017-2019 that affected the …

Streamline Image Vulnerability Management for OpenShift Image Streams
https://www.aquasec.com/blog/image-vulnerability-scanning-openshift-image-streams/
Thu, 25 Oct 2018 11:06:00 +0000
In traditional cloud native environments, actions such as building and deploying applications will usually involve working directly with images hosted in one or more registries. Customers wishing to track changes in those images, in order to identify security and compliance issues, would need to set up an automatic process of constantly scanning them by connecting …