-
Cloud Cost Management Part II – Quick Wins
In the previous post we outlined and defined the three categories of cost management: Go to Source
-
Learn JQ the Hard Way, Part III – Filters
Other Posts Part I Part II Simple Filters In this section we introduce the most-frequently used feature of jq: the filter. Filters allow you to reduce a given stream of JSON to another smaller, more refined stream of JSON that you can then do more filtering or processing on on if you want. Go to Source
-
Introducing the KATE Stack
At Container Solutions, one of our ‘bread and butter’ engagements is to help a software infrastructure team move from more traditional software delivery paradigms to Cloud Native ones. Go to Source
-
Cloud Security Trends: Predictions and Strategies for Resilience
In 2025, cloud native security is set to undergo transformative progress. As Chief Information Security Officer at Aqua, I’ve seen how rapidly evolving threats and operational demands are driving organizations to redefine their approach to security. The focus is no longer just on adapting to challenges—it’s about deeply embedding security into every facet of development…
-
From Theory to Practice: How to Make DevSecOps Work in Your Organization
Houston, we have a problem: implementing DevSecOps isn’t as straightforward as it seems. DevSecOps has redefined security in modern software development, becoming the benchmark for organizational success. By embedding security into every phase of the development lifecycle, organizations can deploy faster and collaborate more efficiently while ensuring security at every step. Yet, despite its advantages,…
-
300,000+ Prometheus Servers and Exporters Exposed to DoS Attacks
In this research, we uncovered several vulnerabilities and security flaws within the Prometheus ecosystem. These findings span across three major areas: information disclosure, denial-of-service (DoS), and code execution. We found that exposed Prometheus servers or exporters, often lacking proper authentication, allowed attackers to easily gather sensitive information, such as credentials and API keys. In this…
-
Matrix Unleashes A New Widespread DDoS Campaign
Aqua Nautilus researchers uncovered a new and widespread Distributed Denial-of-Service (DDoS) campaign orchestrated by a threat actor named Matrix. Triggered by activities detected on our honeypots, this investigation dives deep into Matrix’s methods, targets, tools, and overall goals. Aqua Nautilus researchers uncovered a new and widespread Distributed Denial-of-Service (DDoS) campaign orchestrated by a threat actor…
-
New Aqua User Experience: Streamlined Vulnerability Management
The new Aqua Hub update is designed to take the headache out of vulnerability management, addressing common challenges like alert overload and data consistency issues. With this update, teams get a clean, streamlined view of vulnerabilities that cuts through the noise, so they can focus on the critical issues without getting lost in irrelevant details. …
-
Threat Actors Hijack Misconfigured Servers for Live Sports Streaming
To keep up with the ever-evolving world of cybersecurity, Aqua Nautilus researchers deploy honeypots that mimic real-world development environments. During a recent threat-hunting operation, they uncovered a surprising new attack vector: threat actors using misconfigured servers to hijack environments for streaming sports events. By exploiting misconfigured JupyterLab and Jupyter Notebook applications, attackers drop live streaming…
-
5 Must-See Sessions at KubeCon North America
Who’s getting excited? Next week, the Cloud Native Computing Foundation’s flagship conference, KubeCon + CloudNativeCon, will kick off in Salt Lake City, Utah. In its ninth year, the conference has grown into more than just a technical conference—it’s a vibrant community event that offers attendees the tools, relationships, and inspiration to drive innovation in the…