AI DevwWrld CyberDSA Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

Trivy by Aqua Security: Kubernetes vulnerability scan

An innovative solution to ensure the security of Kubernetes clusters

Aqua Security announced that their Trivy solution now supports vulnerability scanning for Kubernetes components, improving security and reducing risk for businesses. The scan uses the KBOM to identify any security issues and ensure visibility and security of the Kubernetes cluster. Aqua Security is committed to Kubernetes security innovation.

This pill is also available in Italian language

Aqua Security, the pioneer in cloud native security, today announced that its open source solution Trivy now supports vulnerability scanning for Kubernetes components, as well as generation of Kubernetes Bills of Materials (KBOM). Enterprises can now better understand the components in their Kubernetes environment and their security to significantly reduce risk.

Kubernetes, security is a concern for more than half of companies

Kubernetes has been widely adopted by enterprises around the world, but according to Red Hat, more than half of enterprises are concerned about Kubernetes security, specifically, vulnerabilities and misconfigurations. Existing infrastructure scanners only scan infrastructure misconfigurations and fail to scan Kubernetes components for vulnerabilities. With this innovation in Trivy, Aqua's open source solution, this challenge is solved for the first time.

Trivy KBOM, vulnerability scanning for complete Kubernetes security

In early 2023, Aqua had announced the inclusion of KBOM in Trivy. Similar to a Software Bill of Materials (SBOM), a KBOM is the manifest of all the important components that make up the Kubernetes cluster: the control panel components, node components, and add-ons, including their versions and images . Aqua Trivy's Kubernetes vulnerability scan uses KBOM to help users understand how cluster security changes over time, identify any security issues, and know when to update cluster components. The visibility gained from KBOM generation and component vulnerability scanning is not only important for companies managing their own Kubernetes environments. Even those using a managed Kubernetes service need this level of visibility and security to determine whether their service providers are using vulnerable components that could put them at risk.

Aqua Security, continuous commitment to Kubernetes security innovation

“Just as SBOM is critical to application security, KBOM is critical to infrastructure security,” said Itay Shakury, vice president of open source at Aqua Security. “Now, with the ability to scan real Kubernetes infrastructure, as well as workloads and images, we are working to build the industry's first comprehensive Kubernetes vulnerability scanner. Aqua has established itself as a pioneer in Kubernetes security with popular tools like kube-bench and kube-hunter, and our open source team continues to work diligently to bring meaningful new capabilities to users."

Follow us on Threads for more pills like this

11/06/2023 22:09

Editorial AI

Complementary pills

Foray into the cloud: Kinsing's new modus operandiAdvanced cyberattack strategies target cloud services through a critical vulnerability

Last pills

Serious vulnerability discovered in Rabbit R1: all user data at riskVulnerability in Rabbit R1 exposes sensitive API keys. What are the privacy risks?

Cyber attack in Indonesia: the new Brain Cipher ransomware brings services to their kneesNew ransomware hits Indonesia: learn how Brain Cipher crippled essential services and the techniques used by hackers

Patelco Credit Union: security incident halts customer services in CaliforniaService disruption and customer frustration: Patelco Credit Union works to resolve security incident

Cyber attack on TeamViewer: immediate response and investigations underwayStrengthened security measures and international collaborations to counter the cyber threat