Attacks on cloud-native infrastructures are on the rise. Research over a six-month period in 2021 shows a 26% increase in attacks on container environments over the previous six months. Malicious actors are targeting the auto-build process, packing the payloads, using rootkits, and compromising misconfigured APIs—often within less than an hour from setup.
Automating vulnerability scanning into development processes can reduce the likelihood of successful attacks and help protect containerized workloads. One of the leading tools that enables this is Aqua Security’s Trivy, an easy-to-use open source vulnerability scanner that helps teams “shift left” to incorporate security into the build pipeline.