Aqua takes deeper plunge into cloud-native openness 

Aqua Security is known for its technology designed to secure container-based, serverless and cloud native applications.

The company has now added to its open source DNA.

It has expanded its team by adding a group of open source software engineers and developers as part of its ongoing commitment to support open source communities.

These open dev guys (in the gender neutral sense) will develop software for cloud native environments such as Kubernetes and Prometheus etc.

Add Rice to serve (the community)

Liz Rice, Aqua’s VP of open source engineering leads the new team. 

Rice has served as chair of the Cloud Native Computing Foundation’s (CNCF) Technical Oversight Committee (TOC), as co-chair of several KubeCon/CloudNativeCon events around the world, is the co-author on the Center for Internet Security (CIS) Kubernetes Benchmark.

“Open source allows us to educate engineering, security and DevOps teams through accessible tools, reducing the skills gap and automating security controls into cloud native pipelines well before applications go into production,” said Rice. “Our new open source team ensures we can commit to creating and maintaining high quality code, as well as support our ongoing involvement in contributing to other open source community projects.”

Open projects

Aqua’s open source projects includes: be-bench: to automatically determine whether Kubernetes is deployed according to the CIS benchmark; and also kube-hunter: which searches for weaknesses in Kubernetes clusters so administrators, operators and security teams can quickly and easily identify and address any issues before attackers can exploit them. 

Others here are Trivy an open source vulnerability scanner for container images and Tracee which uses eBPF, a kernel technology that lets users run custom programs within the kernel itself, to trace events in containers.

Aqua’s Liz Rice (Image: YouTube)