Virtualization Technology News and Information
Article
Search:
RSS
Follow VMblog.com:
Improve end user experience in VDI, DaaS and physical endpoint environments
Aqua Enhances Software Supply Chain Security with Pipeline Integrity Scanning

Aqua Security announced it added pipeline integrity scanning to prevent software supply chain attacks and assure CI/CD pipeline integrity. Powered by eBPF technology, Aqua's pipeline integrity scanner detects and blocks suspicious behavior and malware in real time, preventing code tampering and countering threats in the software build process. This industry-first solution equips organizations to feel confident in their ability to strategically stop the most aggressive software supply chain threats that produce massive attack surfaces.

With the rise of software supply chain attacks, and a constantly changing threat landscape, organizations are now being held accountable for incorporating security best practices throughout their software development lifecycles. Software integrity validation, one of these best practices, is mentioned as one of the key requirements in major industry frameworks for supply chain security including SLSA, NIST Secure Software Development Framework and the CIS Software Supply Chain Benchmark

"SolarWinds demonstrated the catastrophic effects of compromising the integrity of the software build process and the critical need to continuously validate software integrity," said Amir Jerbi, CTO of Aqua Security. "Our new pipeline integrity scanner solves one of the industry's most urgent needs to ensure the integrity of the modern development process and prevent this type of destructive software supply chain attack." 

Aqua's pipeline integrity scanner detects suspicious behavior or malware that characterizes a supply chain attack. The capability also takes advantage of behavioral signatures produced by the Aqua Nautilus research team to detect zero-day threats based on cloud native attacks seen in the wild.

After connecting to the build pipeline, pipeline integrity scanning allows developers to:  

  • Monitor the build pipeline and define a baseline for how the build operates. Teams can understand how their build pipeline runs and what is typical network activity, file access patterns and process activity in known good environments.
  • Detect any drifts from the baseline. Once the baseline is established, the scanner can detect any drift from this state and alert teams on anything unusual and anomalous (including unexpected file modification, establishing communication with a suspicious URL, usage of a dropped malicious executable) to guarantee the integrity of the build process.
  • Minimize attack vectors. Close security gaps in CI/CD pipelines by continuously scanning for pipeline drift. This allows teams to prevent the tampering of code in the earliest stages of the software build process and maintain dev tool integrity.
  • Set up assurance policies. To scale safe development practices and ensure software integrity, assurance policies can be implemented to block completion of new builds that show signs of suspicious activity. This gives developers the ability to react in the development process where it is easier to fix.

"This is the first solution of its kind," adds Jerbi. "Other software supply chain security tools only focus on code scanning or static analysis of build artifacts, such as a software bill of materials or SBOM. These are important but have proven insufficient to detect and stop supply chain attacks of this type." 

Powered by eBPF Technology

Aqua's pipeline integrity scanner leverages Tracee, the company's robust open source runtime security and forensics sensor for Linux. Thanks to its lightweight capabilities, eBPF technology can provide visibility into the build's runtime and detect threats in real time with minimal disruption. By detecting and stopping drift of the original build through eBPF-based scanning and policies, teams can protect their software from unauthorized access and prevent advanced supply chain attacks. 

Aqua is the first to introduce this dynamic capability that complements its existing shift-left capabilities including code scanning, CI/CD posture management, and next-gen SBOM to provide customers with the most comprehensive protection on the market.  

Pipeline integrity scanning is part of its Software Supply Chain Security solution that secures code, all development infrastructure, and pipeline processes so that organizations can build and ship innovation faster and more securely.  Delivered by the Aqua Cloud Security Platform, a cloud native application protection platform (CNAPP), it improves operational efficiency by connecting cloud to dev and tracing runtime risks to the code and developer who can fix them. 

Published Wednesday, May 10, 2023 3:56 PM by David Marshall
Filed under:
Get This Featured White Paper: Innovative AI Strategies Supporting Trusted Data Recovery
You may also be interested in this white paper: Florence Bank Teams with COCC and IGEL to Pivot from a Traditional to a Virtualized Desktop
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Customer Connect
Global Digital
DTX
DTW-NA
innovatrix
GISEC
global-digital-cx
vExpert
Calendar
<May 2023>
SuMoTuWeThFrSa
30123456
78910111213
14151617181920
21222324252627
28293031123
45678910