The Story of Tracee: The Path to Runtime Security Tool

Aqua Cloud Native Blog \ Categories: AQUA OPEN SOURCE

AQUA OPEN SOURCE
The Story of Tracee: The Path to Runtime Security Tool
eBPF technology is seeing strong growth, being widely adopted in the cloud native ecosystem for monitoring, networking, and security goals. At Aqua, along with being used in commercial products, eBPF powers our open source project Tracee to detect events in running containers.
Read more
AQUA OPEN SOURCE
Simplifying Our Open Source Contributor License Agreement
At Aqua, we develop leading open source security tools, which are widely adopted by the cloud native community and industry at large. To us, open sourcing our technology is more than just making its source code available, it’s about making the project widely used and encouraging people to participate. Beyond using a permissive Apache 2.0 …
Read more
AQUA OPEN SOURCE
Using CO:RE to Achieve Portable Tracee eBPF Code
One of the biggest challenges of eBPF development is distribution of your eBPF project. With so many different versions of the Linux kernel out in the wild, it seems like an impossible task to compile your eBPF program against all of them to ensure compatibility. However, by using CO:RE, a feature of libbpf, this gets …
Read more
AQUA OPEN SOURCE
How GitLab Innovates DevOps Security Using Aqua Trivy
Digital leaders must adapt, scale, and fine-tune their operations and the solutions they provide to their customers to keep up with market demands. GitLab provides a complete DevOps platform in a single application to help developers and engineers across all industries to be successful. With many high-profile security breaches putting providers like Codecov into the …
Read more
AQUA OPEN SOURCE
Trivy’s Journey: From Personal Project to Open Source Scanner of Choice
Trivy is a comprehensive, easy-to-use open source vulnerability scanner for container images. Since its introduction two years ago, the project has gained a broad following among open source community members. I’m excited to share that it has now become the first container image vulnerability scanner to surpass 8,000 GitHub stars, making it the world’s leading …
Read more
AQUA OPEN SOURCE
Automatically Secure Your CI/CD Pipelines Using Tracee GitHub Action
In my previous post, I covered how you can secure your CI/CD pipeline with Tracee from potentially malicious code executions. We’re now releasing Tracee GitHub Action, which makes using Tracee a plug-n-play experience and doesn’t require any prior knowledge of eBPF or Docker. We’re also introducing a new capability to profile the normal behavior of …
Read more
AQUA OPEN SOURCE
Using LSM Hooks with Tracee to Overcome Gaps with Syscall Tracing
Tracee is an open source runtime security and forensics tool for Linux, built to address common Linux security issues. By leveraging the advantages of Linux extended Berkeley Packet Filter (eBPF) technology to trace systems and applications at runtime, Tracee analyzes collected events to detect suspicious behavioral patterns. In this blog, I’ll share the lessons we …
Read more
AQUA OPEN SOURCE
Aqua Enterprise vs Aqua Trivy: What’s Best for You?
Anyone looking to improve the security posture of their cloud native applications knows that a vulnerability scanner is an important tool to add to the toolkit. Automating vulnerability scanning into your build pipeline can reduce the likelihood of successful attacks and help protect your containerized workloads. There are many scanning tools available today, both open …
Read more
AQUA OPEN SOURCE, KUBERNETES SECURITY
Automating CIS Kubernetes Benchmark Compliance with Starboard Operator
Last year, we first released Starboard Operator, which automates vulnerability scanning and configuration auditing of Kubernetes workloads. We’re now pleased to announce the latest release (v0.10), which is focused on infrastructure and adds CIS Kubernetes Benchmark testing using kube-bench. The operator automatically discovers nodes and runs kube-bench on each node to get the benchmark score. …
Read more
AQUA OPEN SOURCE
Discover Security Risks with Starboard Extension for Lens Kubernetes IDE
When the Mirantis team announced the Lens Extensions API back in November 2020, we were excited to experiment with it and build an extension for Starboard, our open source Kubernetes native security toolkit. True to DevSecOps principles, the integration makes security reports accessible within Lens IDE, giving you immediate and actionable information about potential security …
Read more
AQUA OPEN SOURCE
Automating Configuration Auditing with Starboard Operator By Aqua
Back in November 2020, we introduced the Starboard Operator, which automates vulnerability scanning in a Kubernetes environment. We’re now pleased to announce the latest release (release v0.9) which adds configuration auditing using Polaris. This means that the Operator can automatically check for weaknesses in the way your Kubernetes workloads are configured, as well as scan …
Read more
AQUA OPEN SOURCE, SECURITY RESEARCH
CVE-2020-15275: New Vulnerability Exploits containerd-shim API
A year of challenges isn’t quite over yet, as a new vulnerability was found in containerd, CVE-2020-15257. When exploited, after providing a connection through the container to the host network, an attacker can gain root privileges on the host. This vulnerability was disclosed by Jeff Dileo of NCC Group, our investigation by Team Nautilus is …
Read more
Page 3 of 4‹ Prev1234Next ›
Need to secure enterprise workloads?
Aqua Cloud Native Application Protection Platform (CNAPP)
Go cloud native with the experts!
Get Demo
Aqua Security is the pioneer in securing containerized cloud native applications from development to production. Aqua's full lifecycle solution prevents attacks by enforcing pre-deployment hygiene and mitigates attacks in real time in production, reducing mean time to repair and overall business risk. The Aqua Platform, a Cloud Native Application Protection Platform (CNAPP), integrates security from Code to Cloud, combining the power of agent and agentless technology into a single solution. With enterprise scale that doesn’t slow development pipelines, Aqua secures your future in the cloud. Founded in 2015, Aqua is headquartered in Boston, MA and Ramat Gan, IL protecting over 500 of the world’s largest enterprises.
Read Aqua Security reviews on G2

Use Cases

Environments

Partners

Resources

About Us

Get in Touch

Products

Get Started
Copyright © 2024 Aqua Security Software Ltd.   Privacy Policy | Terms of Use | Cookie Settings |  
Accessibility Tools
Normal text size Medium text size Large text size
Normal display Black & White display High contrast display
Stop transitions and animations Underline Links