Aqua News

Contact Aqua PR

Aqua Security Achieves ISO 27001, SOC Type II Certifications

March 8, 2021

Aqua Security has announced that it has achieved both ISO 27001 and SOC Type II certifications. These certifications demonstrate Aqua’s adherence to the highest operational standards for security controls and information management across company functions and the readiness of its SaaS offerings to serve enterprise-grade customers. As the most widely recognized ISO/IEC 27000 compliance standard, ISO …

Read more

Aqua Security Details Docker Hub, Bitbucket Cryptojacking Attack

March 8, 2021

The Team Nautilus security researchers at Aqua Security have reported the discovery of cryptomining activity that involved 92 malicious Docker Hub registries and 92 Bitbucket repositories, all set up over the course of four days. The attacks were discovered using a dynamic threat analysis (DTA) tool developed by Aqua for identifying security issues in production environments. …

Read more

Aqua Security Announces Security and Compliance Certifications

March 8, 2021

Aqua Security announced that it has achieved both ISO 27001 and SOC Type II certifications. These certifications demonstrate Aqua’s adherence to the highest operational standards for security controls and information management across company functions and the readiness of its SaaS offerings to serve enterprise-grade customers. “As the DevOps movement transforms the way we think about information …

Read more

The State of Kubernetes and Docker Security in 2021

March 5, 2021

In 2020, our Nautilus research team saw yet more attacks targeting the cloud native supply chain and infrastructure. These security threats, including fileless malware in containers, taking advantage of misconfigured Docker API ports, and using container images for attacks are, admittedly, relatively unsophisticated. However, despite this lack of sophistication they are still successful, and it …

Read more

How to improve your open source strategy in 2021: 5 steps

February 24, 2021

“First impressions count, so take a look at the README for your project’s GitHub repo,” says Liz Rice, VP of open source engineering at Aqua Security. “This is often the first thing that a potential user might see, so it needs to make it very clear what this project will do and how it’s going to …

Read more

How digital transformation is changing the role of the CISO

February 23, 2021

Digital transformation has become a key initiative for many enterprises, facilitated by the emergence of easy-to-use cloud-native technologies such as containers and Kubernetes. This year, the COVID-19 outbreak has pushed enterprises even further to accelerate their digital journeys. As they do this, security is constantly raised as a key concern, but it should also be viewed as …

Read more

Container, Serverless & Cloud Native Security Flash – February 2021

February 12, 2021

While it’s the shortest month of the year, there’s no shortage of news and activity in cloud native security. Open Policy Agent (OPA) project has graduated at CNCF, demonstrating the growing adoption of policy enforcement tools in cloud native deployments. On a threat front, a serious privilege escalation vulnerability (CVE-2021-3156) was found in sudo, and the attacks move up …

Read more

Cloud Native Apps Make Software Supply Chain Security More Important Than Ever

February 11, 2021

Aqua Security’s research team, Nautilus, recently revealed that several SaaS services used by container developers are susceptible to cryptocurrency mining. While the risks are real, organizations will not stop using open source software. The efficiency benefits are too great to simply go back and write software from scratch. Open source is here to stay.

Read more