Aqua Security, the pure-play cloud-native security solutions company, has announced the availability of its new Aqua Platform, with a unified console to ease the journey from scanning and visibility to workload protection in cloud-native environments.
The new Aqua platform reduces administrative burden and allows security teams to start with scanning and cloud security posture management (CSPM) capabilities, then add in sandboxing capabilities and workload protection as needed. The experience is streamlined regardless of scale and is available as a SaaS or self-hosted deployment.
“Scaling our cloud-native security needs is a priority for us,” said Thomas Ornell, Senior Systems Engineer at ABAX, adding “We have been working with Aqua to secure our cloud-based Kubernetes environments and improve visibility of our current risk. The tooling provided by Aqua is making it a lot easier to navigate our way through our cloud-native security strategy.”
Cloud Workload Protection Platform capabilities
The unified approach lowers management overhead for advanced run time features
The unified approach lowers management overhead for advanced run time features, in an industry where scanning during development and CSPM are easier for teams to understand and deploy as a first step, but critical Cloud Workload Protection Platform (CWPP) capabilities are sometimes left behind.
It also enables customers to benefit from better context and prioritization in identifying risks and threats, adopting a full-lifecycle approach to securing cloud-native applications. In a recent survey of cloud-native security practitioners, only 32% of respondents were confident in protecting against attacks in-progress in their cloud-native environments.
CNAPP integrates cloud security tools
In a recent report, Gartner notes that CNAPP is an emerging capability that brings together cloud security tools, including CWPP and CSPM. CNAPP tools will integrate information from both CWPP and CSPM, in order to provide more detailed insights into security behaviors in CIPS (cloud infrastructure and platform services) deployments.
Aqua is also seeing a growing trend within its customer base for the adoption of both CWPP and CSPM capabilities in a unified platform. “In the past year, Aqua has seen a 3x increase in CSPM customers who have also purchased Aqua’s CWPP capabilities,” said Amir Jerbi, Co-Founder and Chief Technology Officer (CTO) at Aqua Security.
Protecting workloads at run time
Amir Jerbi adds, “Organizations recognize the need to protect workloads at run time, and Aqua is keeping pace with that demand, bringing more unification without compromising scalability. While other solutions require multiple screens and consoles, or just provide visibility without options for workload protection, Aqua offers the industry’s only comprehensive unified platform.”
This recent release of the Aqua Platform also includes dozens of new features and capabilities, including:
- Automatic discovery and onboarding of CSPM within GCP environments.
- Scanning Google Cloud Functions for vulnerabilities and sensitive data, extending prior support for AWS Lambda and Microsoft Azure
- Migrating from the now deprecated Kubernetes PSP (Pod Security Policy) to the new PSS (Pod Security Standard) using new assurance policies and Aqua’s open-source Rego
- Enhancing run time protection with file integrity monitoring for containers, and threat response policies that specifically block reverse shell attempts and crypto-mining.
- Defining custom severities for specific vulnerabilities to conform with the customers’ internal standards.
- Finding, provisioning, and managing Aqua within AWS environments using AWS CloudFormation templates.
- New certified RedHat OpenShift Operator to automate Aqua deployments and upgrades.