Dror Davidoff

Aqua Security, the pure-play cloud-native security front-runner, announced that it has achieved both ISO 27001 and SOC Type II certifications. These certifications demonstrate Aqua’s adherence to the highest operational standards for security controls and information management across company functions and the readiness of its SaaS offerings to serve enterprise-grade customers. “As the DevOps movement transforms the way we think about information safety, it’s critical for security providers to demonstrate that the confidence placed in them by their customers and partners is justified,” said Dror Davidoff, CEO and Co-Founder of Aqua. “Aqua Security has moved aggressively to ensure that our full range of solutions is available both for on-premises software deployments as well as under a Software-as-a-Service model. These certifications also further demonstrate our commitment to being the foremost experts in delivering a robust cloud-native security SaaS solution.” ISO 27001 certification As the most widely recognized ISO/IEC 27000 compliance standard, ISO 27001 Certification demonstrates organizational excellence in the overall security of all assets in Aqua’s information security management system. To achieve the certification, Aqua’s organisational processes were comprehensively assessed in areas ranging from IT to HR, support, administration and DevOps. The certification is the culmination of a concerted effort on the part of Aqua staff across the globe. Maintaining this certification validates that Aqua’s internal controls are established As further validation of Aqua Security’s commitment to operational excellence, the company undergoes a yearly SOC Type II audit, which is the most rigorous Systems and Organisation Controls certification recognized by the American Institute of Certified Public Accountants. SOC Type II certification The process involves a thorough evaluation of all services and products within the company. Maintaining this certification validates that Aqua’s internal controls are established and operated securely according to recognized industry criteria. These two significant certifications show how Aqua fulfills the most stringent requirements related to the confidentiality, integrity, and availability of information within the organization, ensuring that all business partners and customers can do business with the assurance of safety and confidentiality of their information.

Aqua Security, the pure-play cloud-native security, announced that its Cloud Native Security Platform is available through Red Hat® Marketplace, an open cloud marketplace that makes it easier to discover and access certified software for container-based environments across the hybrid cloud. Built in partnership by Red Hat and IBM, Red Hat Marketplace is designed to meet the unique needs of developers, procurement teams and IT leaders through simplified and streamlined access to popular enterprise software products, including the Aqua Platform. Prevent suspicious activity The Aqua Platform provides full visibility into application activity, allowing organizations to detect and prevent suspicious activity and attacks, providing transparent, automated security while helping to enforce policy and simplify regulatory compliance. Aqua’s native integration with OpenShift provides a full-stack security solution for the joint customers, automating security controls in CI/CDs like OpenShift Pipelines and enforcing application immutability in production. The Red Hat Marketplace makes it easy for users to find and purchase the Aqua Platform, and they can then use the on-demand deployment capability to install and evaluate Aqua with zero-touch and minimal configuration. Existing customers can also use the same on-demand, zero-touch environment to purchase additional licenses. Growing business efficiently “Enterprise buying patterns are increasingly shifting toward automated, online billing mechanisms that allow companies to leverage existing cloud or services budgets, as well the flexibility to utilize OPEX budgets for software purchases when necessary,” said Dror Davidoff, CEO and co-founder of Aqua. “By working more closely with our industry-leading partners like Red Hat and IBM, we are able to leverage the multitude of sales platforms they offer to help accelerate time-to-value for our joint customers while growing our business efficiently.” Simplifying purchase “We believe Red Hat Marketplace is an essential destination to unlock the value of cloud investments,” said Lars Herrmann, senior director of technology partnerships, Red Hat. “With the marketplace, we are making it as fast and easy as possible for companies to implement the tools and technologies that can help them succeed in this hybrid multi-cloud world. We've simplified the steps to find and purchase the Aqua Platform that is tested, certified and supported on Red Hat OpenShift, and we've removed operational barriers to deploy and manage Aqua on Kubernetes-native infrastructure to secure your applications.” All solutions available through the Red Hat Marketplace have been tested and certified for Red Hat OpenShift Container Platform, allowing them to run anywhere OpenShift runs.

Aqua Security, the globally renowned pure-play cloud native security solutions firm, has announced the availability of its Aqua Platform in two new editions, as well as several updates to the company’s core products.  Aqua Wave SaaS-only offering Aqua Wave, a SaaS-only offering, delivers an integrated and easy-to-deploy solution to secure applications as they are built, along with the infrastructure they are deployed on. Aqua Enterprise, available as both a self-hosted and SaaS offering, adds new capabilities for securing workloads at runtime across the technology stack utilized for modern IT environments. “We have been investing aggressively in innovation resulting in truly unique capabilities for protecting our customers’ cloud native stacks. Having established dedicated teams focusing on cyber security research and open source development, we’re cementing our position as the cloud native security industry experts,” noted Dror Davidoff, Chief Executive Officer (CEO) and Co-founder of Aqua Security. Aqua Dynamic Threat Analysis and Aqua vShield The new Aqua Wave and Aqua Enterprise offerings further extend our ability to deliver best-in-class solutions" Dror adds, “In recent months, we introduced new products such as Aqua Dynamic Threat Analysis to identify hidden malware before they reach production, and Aqua vShield to protect vulnerable applications from exploits when fixes are unavailable or cannot be applied.” He further said, “The new Aqua Wave and Aqua Enterprise offerings further extend our ability to deliver best-in-class solutions however customers choose, entirely as SaaS, on-premises, or in a hybrid model.” Cloud Security Posture Management and Vulnerability Scanning The new Aqua Wave SaaS offering incorporates an updated version of Aqua CSPM for Cloud Security Posture Management, as well as Vulnerability Scanning and the previously announced Dynamic Threat Analysis product (Aqua DTA), both integrated as options. Plans for Aqua Wave include choices for individual developers, teams, and larger organizations. The new release of Aqua CSPM also introduces capabilities for self-healing cloud infrastructure: Auto-Remediation of many common weaknesses in configuration, in addition to remediation advice that can be applied manually. Additional public cloud support is now generally available for Google Cloud Platform (GCP) and Oracle Cloud. Infrastructure as Code (IaC) scanning of Terraform and AWS CloudFormation to find weaknesses in deployment templates. Deploying cloud-native application protection platform The report names Aqua Security as one of three example vendors that have converged CWPP and CSPM capabilities In a recent report, Gartner recommends that SRM leaders looking to improve their cloud workload protection should consider a comprehensive cloud-native application protection platform that combines the needs mentioned, including container scanning, serverless scanning, CWPP and CSPM, all in a single platform. The report names Aqua Security as one of three example vendors that have converged CWPP and CSPM capabilities. Aqua Enterprise Aqua Enterprise is the company’s flagship cloud native security offering, incorporating numerous enhancements for cloud workload protection and now also available as a full SaaS offering or self-hosted. With access to the full spectrum of Aqua’s products from a single, integrated console, Aqua Enterprise secures the build processes, the underlying infrastructure, and running workloads whether they are deployed as VMs, containers, or serverless functions. The recent release of Aqua Enterprise introduces several new elements: Risk-Based Insight that provides prioritization of vulnerabilities, according to specific, contextual customer environment risks, and which also allows quick identification and prioritization of vulnerabilities for remediation. New cloud VM security capabilities that improve File Integrity Monitoring (FIM), and add Linux system integrity and Windows Registry integrity controls. Multi-App Role-Based Access Control (RBAC) allowing Separation of Duties in enterprise-wide deployments that span multiple teams and applications, providing very granular permissions and custom roles. Visualization of risk in Kubernetes clusters in Aqua’s Risk Explorer, based on automated discovery using a native Kubernetes admission controller. Aqua Wave and Aqua Enterprise are both generally available in the market.

The Aqua Container Security Platform gives organizations total control over the security and compliance posture of software containers Aqua Security™ (formerly named Scalock) today announced the company’s formal launch and General Availability of the Aqua Container Security Platform, the industry’s most comprehensive solution for securing containerized environments. The Aqua Container Security Platform provides organizations with full control over the security and compliance posture of software containers at all times, enabling them to reap the agility, flexibility and efficiency benefits container-based application architectures provide. Challenges Posed By Containers “Containers bring tremendous benefits to the efficiency and speed of application development and delivery, but they also present new challenges in security,” said Raffi Margaliot, SVP & General Manager, Application Delivery Management, Hewlett Packard Enterprise.  “With Aqua's Container Security Platform we can help our customers automate and improve their container security and compliance posture, control user access and monitor usage in real-time – all via a fully automated, integrated solution.” "Containers bring tremendousbenefits to the efficiency andspeed of applicationdevelopment and delivery, butthey also present new challengesin security" “I’m extremely excited about Aqua. Software containers are taking the enterprise IT world by storm, but they present new security and control gaps that cannot be addressed using existing approaches and tools,” said Shlomo Kramer, Aqua Security founding investor.  “Aqua’s container security platform provides granular, context-aware container security while automating the entire process, allowing enterprises to focus on deploying and running applications.” Container-based Development Strategy Aqua was co-founded by CEO Dror Davidoff, former McAfee/Intel security, and by CTO Amir Jerbi, former Chief Architect of CA Technologies Security business unit, with more than 14 patents to his name. Aqua’s launch follows the completion of an extended beta program comprised of more than a dozen enterprise customers, the majority of them Fortune 500 companies, reluctant to move forward on a container-based development strategy without appropriate security measures in place.  Aqua's Comprehensive Security Solution The Aqua Container Security Platform delivers the most comprehensive security solution built for containerised environments, supporting Docker and Windows containers, and available for on-premises deployment. Providing development-to-production container lifecycle protection, its key features include: Image assurance that includes both passive as well as active scanning, and continuously assures images integrity and enforces correct use. Fine-grained, role-based user access control that limits user access and type of access to specific containers, hosts, and applications. Full visibility, monitoring and audit trail for container activity, user access and host configuration changes. Automated security policies that provide an optimal security wrapper for containers and does not require manual intervention. Runtime protection that includes both real-time detection as well as prevention when container behavior breaks policy. Integrations with a variety of image registries, CI/CD tools, SIEM and analytics tools. “At Aqua our goal is to provide a truly immersive security ‘envelope’ for containers, providing multiple layers that protect containers from multiple risks,” said Dror Davidoff, Co-founder and CEO, Aqua Security. “By providing a fully automated solution, we bridge the gap between DevOps and IT security, enabling container adoption while providing the necessary oversight and security policy enforcement that enterprises require.”