As security professionals assess the cloud security challenges that lie ahead for the coming year, one thing is certain. Threat actors will continue to double down on their efforts, utilizing new techniques and refining pre-existing methods as they extend their ever-growing toolbox. To help enterprises stay ahead of the game, our security research team has [...]
Overly permissive defaults associated with roles and K8s subjects, such as service accounts, add risks to the attack surface of Kubernetes. And attempting to manually understand these risks and enforce least privilege rights in a Kubernetes environment is time-consuming and prone to human error. With the introduction of Kubernetes Security Posture Management (KSPM), we’ve now [...]
Boston and Tel Aviv, Israel – October 27, 2020 Aqua Security, the pure-play cloud native security leader, today announced a suite of new Kubernetes-native security capabilities, providing a holistic approach to securing applications that run on Kubernetes, across the development, deployment, and runtime phases of the application lifecycle. The company also announced significant new features in [...]
Published sources of vulnerabilities in cloud native environments are an important resource, but the information is often spread out across a variety of platforms. Since 80% of cloud native software is based on open source, this makes getting the most relevant and up-to-date vulnerability information a real challenge. Our new Aqua Vulnerability Database (AVD) consolidates [...]
It has certainly been a rough year and just as life constantly evolves, so do cyber threats. So, here are a few blogs by our cyber security research group, Team Nautilus, that got the most attention from cloud native security professionals. These blogs highlight how attackers continue to get more creative over time, as we [...]
