Aqua Security, the platform provider for securing container-based, serverless, and cloud native applications, announces that the company’s flagship platform, Aqua CSP, is available on VMware Cloud Marketplace™. VMware Cloud Marketplace enables customers to discover and deploy validated, third-party solutions for VMware-based platforms – across public, private and hybrid cloud environments. Once validated, partners can easily publish their solutions for VMware customers across platforms. Customers will be able to access these third-party partner solutions directly from their cloud environments, while also being able to experience the convenience of features such as notifications, reporting, and analytics. Software development lifecycle As a VMware PKS Partner, Aqua CSP was architected specifically to address the challenges of visibility, control, and isolation in container environments, while remaining transparent and non-intrusive to DevOps, allowing organizations to reap the business benefits of containers while improving their security posture. Using Aqua CSP on VMware and Pivotal PKS provides enterprise users with an end-to-end security solution, including: Aqua Security is very excited to be a part of the VMware Cloud Marketplace"Image scanning for known vulnerabilities, malicious code detection, and enforcement of image integrity throughout the software development lifecycle Vulnerability shielding, using a form of virtual patching to detect and prevent attempts to exploit known vulnerabilities Assessment of the security posture of Kubernetes clusters against the hundreds of tests of the CIS Benchmark for Kubernetes Penetration testing of Kubernetes against dozens of attack vectors Runtime controls to monitor container activity in real time, based on custom policies and machine-learned behavioural profiles, to alert on or block suspicious activities and processes Enterprise grade software “Aqua Security is very excited to be a part of the VMware Cloud Marketplace,” said Upesh Patel, VP of Business Development for Aqua Security. “We believe that this marketplace will make it easy for VMware customers to deploy enterprise grade software in a complex computing environment.” Patel goes on to note that, “customers can build mission critical applications on Pivotal or VMware PKS and will be able to secure their entire application lifecycle in a scalable way, while automating DevSecOps processes.” “We are pleased to see Aqua Security CSP available on VMware Cloud Marketplace,” said Milin Desai, GM, Cloud Services, VMware. “Validated technologies, such as Aqua CSP, enable IT teams to reduce cost, increase efficiency, and create operational consistency across cloud environments. We’re excited to work with partners such as Aqua Security to empower customers to fully leverage their cloud investments.”
Expansion of the Aqua-Pivotal collaboration delivers comprehensive security for application development and production environments on PCF. Aqua Security, global platform provider for securing container-based and cloud native applications, has announced the public release of Aqua Security’s runtime protection for Pivotal Cloud Foundry (PCF). Users of Pivotal’s platform can download and install the Aqua Security for PCF service from Pivotal Services Marketplace, and deploy an end-to-end solution for scanning, application assurance and runtime protection for their application workloads. Cloud Foundry Application Runtime PCF includes a widely deployed distribution of Cloud Foundry Application Runtime (CFAR) and allows customers to implement the same application platform on any major vendor’s cloud, on premises or in a hybrid model. “No matter where they began their journey with Pivotal, enterprises routinely begin pushing code into production faster and more frequently with our platform. Therefore, application security checks must be accessible within the deployment pipeline in order to scale safety and compliance,” said Angus MacDonald, GM Technology Ecosystem at Pivotal. Aqua Security for PCF service “Solutions such as Aqua provide the automation and controls necessary. Together, we hope to make the task of implementing end-to-end security simpler for our customers," Angus further states. Aqua Security for PCF is offered in two tiers – standard and advanced protection. The standard tier allows users to: Scan their applications for vulnerabilities during the Continuous Integration process Provision policies to block unauthorized applications during the staging phase Scan and monitor application or container artifacts for vulnerabilities, malware, and user activity Apply host assurance policies for application or container artifacts Aqua’s advanced protection tier includes all of the standard features with an added layer of security, allowing users to: Detect and block unapproved changes to running application workloads Monitor and control application activity based on customized policies View application network connections and apply firewall rules that whitelist authorized connections Leverage granular audit trails of access activity, scan events and coverage, application activity and system events Advanced runtime protection component Aqua Security for PCF installs natively as a Buildpack (containing the languages and services used by the app) Aqua Security for PCF installs natively as a Buildpack (containing the languages, runtimes, libraries, and services used by the app), and the advanced runtime protection component is implemented as a Bosh add-on, protecting all Pivotal Application Service apps without requiring any manual changes or individual re-deployments of Aqua per application. “Since introducing scanning for Pivotal Cloud Foundry last year, we have seen tremendous interest in the PCF platform at some of our largest customers”, said Upesh Patel, VP of Business Development for Aqua. “As they progressed in their application rollouts, they are now looking to protect their production-grade applications as well, and we are pleased to deliver the complete Aqua solution for Pivotal Cloud Foundry today.” Pivotal customers can get Aqua Security for PCF directly from the Pivotal services marketplace.
Aqua Security, global platform provider for securing container-based and cloud native applications, has announced a new Private Offer capability enabling software licensing and procurement directly through Microsoft Azure Marketplace, allowing customers to utilize existing purchasing methods in place for Azure services. Aqua now offers a choice of flexible software acquisition models that allow customers to purchase licenses on Azure the way that works best for them. Software purchased directly from Aqua can easily be installed on Azure while still taking advantage of streamlined deployment through the Azure Marketplace. Aqua Cloud Native Security Platform The Aqua Cloud Native Security Platform (CSP) now offers full support for the widest range of Microsoft cloud native technologies The Aqua Cloud Native Security Platform (CSP) now offers full support for the widest range of Microsoft cloud native technologies including Azure Kubernetes Service (AKS), Azure Container Instances (ACI) and the Azure Functions serverless compute service. Out-of-the-box integration with Azure DevOps development tools, Azure Container Registry (ACR) and Azure Vault for secrets management further simplify and speed deployment. Indicative of the deeper collaboration, Microsoft recently co-sponsored KubeSec Enterprise Summit, an event produced by Aqua and held in conjunction with KubeCon in Barcelona, Spain this past May. In addition, Aqua and Microsoft are jointly conducting a series of regional marketing programs to educate customers on cloud native technologies and providing the opportunity to interact with local technical resources from both companies. Recent events have included: Kubernetes DevSecOps Summits on March 14 in San Francisco and June 4 in New York City Azure Kubernetes / Aqua Security Hands-on Workshop in Atlanta on June 18 Aqua-to-Azure integration “The tight Aqua-to-Azure integration enables us to work closely with Microsoft in co-selling and joint marketing activities that educate enterprises on how they can leverage emerging security technologies like Aqua to mitigate the security concerns of running applications in the public cloud,” said Upesh Patel, Vice President of Business Development for Aqua Security. “The Aqua-Microsoft collaboration in the field optimizes the evaluation and production rollout processes, enabling IT security teams to harden their organizations’ security postures, and DevOps to quickly realize the benefits of working within these powerful Azure environments.” Jeana Jorgenson, GM, Cloud and AI for Microsoft Corp. said, “The availability of Aqua’s enterprise class security solution through the Microsoft Azure Marketplace simplifies the process of building out a secure infrastructure for cloud applications. Customers deploying containers on Azure can utilize the Private Offer process to quickly get a quotation and complete their purchasing cycle.” Aqua CSP integrations The Aqua CSP integrations with Azure Container Services, Azure Functions and Azure DevOps environments are available now. Customers wishing to receive a quote via the Private Offer process should contact their Aqua account manager.
Aqua Security, global platform provider for securing container-based and cloud native applications, has announced that Aqua Cloud Native Security Platform (CSP) has attained VMware Partner Ready status for PKS. The validation of Aqua’s CSP validates that the solution has been tested and verified to interoperate with VMware Enterprise PKS, and can fully manage and secure workloads running on VMware Enterprise PKS. Cloud Native Security Platform We are pleased that Aqua Security has validated its Cloud Native Security Platform for VMware Enterprise PKS" “We are pleased that Aqua Security has validated its Cloud Native Security Platform for VMware Enterprise PKS. This signifies to customers that Aqua Security can be deployed with the knowledge and reassurance that Aqua fully supports the specified versions and configurations on VMware Enterprise PKS,” said Pat Lee, vice president, Emerging ISVs & Solutions, VMware. VMware Enterprise PKS enables organizations to easily deploy, run and manage Kubernetes for production with productivity and efficiency. Using Aqua’s Cloud Native Security Platform with VMware Enterprise PKS, businesses can secure their cloud native applications across the entire lifecycle at scale, getting granular visibility into security issues, and detecting and blocking attacks in real-time. Aqua’s support for PKS is an extension of the company’s existing product line, providing enterprises with multi-cloud and hybrid cloud environments with the same level of auditability, accountability and protection across the full spectrum of their cloud native infrastructure. VMware Enterprise PKS “We are excited to continue our collaboration with VMware and to be validated for VMware Enterprise PKS," noted Upesh Patel, vice president, Business Development, Aqua Security. “Enterprise adoption of Kubernetes is exploding, and with it the need for a scalable enterprise security platform. The combined strength of VMware Enterprise PKS and Aqua’s CSP delivers a secure, enterprise-ready solution to deploy cloud-native applications.” VMware Enterprise PKS Partner Application Program allows partners to test and validate their solutions that interoperate with VMware Enterprise PKS platforms. By completing the Partner Ready process and achieving the Partner Ready PKS logo, partners validate their products interoperability with VMware technologies, and agree to solely manage customer support requests for the combined solution. Aqua’s CSP can be found within the online VMware Solution Exchange (VSX) here. The VMware Solution Exchange is an online marketplace where VMware partners and developers can publish rich marketing content and downloadable software for our customers.
Aqua Security announces the general availability of Aqua Security for (PCF) as an integrated service for Pivotal Cloud Foundry (PCF). Pivotal users can now download and install the Aqua Security for PCF service from Pivotal Network, and use it to scan application or container artifacts for vulnerabilities. Cloud-Native Applications Aqua Security for PCF empowers Pivotal Cloud Foundry users to apply Aqua Security’s best practices early on in the build process to ensure that only code that complies with their organization’s security and compliance policies is deployed. “Aqua Security provides valuable insights into IT security posture with automated security scans, threat detection, remediation, and expedited compliance processes at scale,” said Nima Badiey, Head of Technology Ecosystem at Pivotal. “We are excited to make this integrated solution available to all Pivotal customers through the Pivotal Services Marketplace. One of the many advantages of using Pivotal to build containerised, cloud-native applications is that it presents an opportunity to improve application security, and Aqua helps Pivotal customers do that at DevOps speed.” Vulnerability Data Streams Developers and Security teams get actionable information on how to mitigate detected vulnerabilities Aqua Security for PCF provides enterprise customers with the following capabilities: Automatically scan application or container artifacts for known vulnerabilities, based on an updated feed from multiple resources (e.g., public CVEs, vendor-issued, proprietary vulnerability data streams and malware lists) Identify unauthorized application or container artifacts based on pre-configured assurance policies that check for: Authorization CVEs and score Presence of hard-coded secrets Presence of malware Add custom compliance checks to identify security and compliance risks (e.g., PII, PCI, GDPR-related data) Developers and Security teams get actionable information on how to mitigate detected vulnerabilities Users gain visibility into vulnerabilities in their application or container artifacts directly from CI/CD tools and the Aqua dashboard Image Assurance Policies The Aqua solution is easy to operate, supports more than 40 languages, including Java, Go, C++, Python, Ruby, NodeJS and others, as well as static binaries, and finds known vulnerabilities, embedded ‘secrets’, and malware. Users can integrate Aqua Security with their existing CI/CD tools for security testing as part of the build, with Active Directory/LDAP for user authentication, and with SIEM/analytics to output audit and alert data. Users can then approve or block application or container artifacts depending on their vulnerability posture Based on image assurance policies, users can then approve or block application or container artifacts depending on their vulnerability posture, the presence of embedded secrets, malware, and runtime configuration parameters. Lifecycle Security Controls “We are extremely excited to extend Aqua’s security capabilities to Pivotal Cloud Foundry users,” said Upesh Patel, Vice President of Business Development for Aqua Security. “Our automated lifecycle security controls enable organizations to integrate security best practices into the build process based on their compliance or corporate GRC requirements.” At the upcoming Cloud Foundry Summit Europe 2018 in Basel, Switzerland, Aqua’s John Michealson will deliver a presentation. The session will examine how the growing adoption of containers and the availability of scalable orchestration tools (e.g., Kubernetes) are creating opportunities to develop more agile, easy-to-update applications that combine stateful and stateless modes, and why that creates very different security considerations and risk profiles.
Aqua Security, global provider for securing container-based and cloud-native applications, announced that it is introducing a commercial Kubernetes application to all users of the Google Cloud Platform Marketplace (GCP Marketplace). The new offering provides customers with Aqua’s enterprise-class container security platform available in hourly per-node consumption pricing, making it much simpler to protect applications quickly with no up-front investment. For the first time ever, commercial Kubernetes applications are available to deploy with one click to Google Kubernetes Engine with a usage-based pricing model. Commercial Kubernetes applications can be deployed on-premise or even on other public clouds through the GCP Marketplace. GCP Marketplace GCP Marketplace is based on a multi-cloud and hybrid-first philosophy, focused on giving Google Cloud partners and enterprise customers flexibility without lock-in GCP Marketplace is based on a multi-cloud and hybrid-first philosophy, focused on giving Google Cloud partners and enterprise customers flexibility without lock-in. It also helps customers innovate by easily adopting new technologies from ISV partners, such as commercial Kubernetes applications, and allows companies to oversee the full lifecycle of a solution, from discovery through management. Aqua Container Security Platform The full-featured Aqua Container Security Platform, which is now available in GCP Marketplace, provides security across the application lifecycle, from development to production, and crucially secures those applications in runtime, leveraging native Kubernetes capabilities: Image Assurance Controls: Aqua can block unapproved images from running on Google Cloud Platform, at the individual node level, as well as across entire clusters, ensuring that only trusted, approved images will be able to run. Aqua’s image drift prevention feature ensures that containers remain immutable and do not deviate from their originating image, further limiting the potential of abuse. Zero-Configuration Runtime Protection: Aqua automatically profiles container behavior to enforce least-privilege controls on running containers and pods, ensuring that they only perform actions that are required in the application context and alerting on or blocking specific actions that violate the policy. Network Controls: Aqua’s container-level firewall enables enterprises to control network traffic based on Kubernetes namespaces, clusters or deployments. This allows admins to enforce network segmentation for compliance purposes, as well as limit an attack’s “blast radius” across clusters and applications. CIS Kubernetes Benchmark: Building upon Aqua’s open-source Kube-Bench, the tool widely used by the community to validate the security posture of Kubernetes deployments, Aqua incorporates CIS Kubernetes benchmark checks alongside updated Docker CIS benchmark checks. Automated checks can run daily, providing a detailed report that can also be exported for compliance. Audit Trail and Compliance: Aqua’s granular event logging includes all container-related system events and policy violations to provide additional visibility for compliance and forensics. Securing Container-Based And Cloud-Native Applications The Aqua platform drives DevSecOps automation and provides visibility and runtime protection for cloud-native workloads Aqua’s platform is currently in use by dozens of Global 1000 customers, running both on-premise and in the cloud, providing a comprehensive full-lifecycle solution for securing container-based and cloud-native applications. The Aqua platform drives DevSecOps automation and provides visibility and runtime protection for cloud-native workloads, including both host-level and network-level controls. “As the market for cloud-native technologies and container-based applications evolves, customers are looking for accessible, flexible ways to consume these technologies” said Upesh Patel, VP, Business Development at Aqua. “We are thrilled to be part of GCP Marketplace and provide advanced cloud-native application security to Google Cloud customers in a consumption-based model.” “To remain competitive and deliver on user demands, organizations adopting cloud need ready access to trusted, tested and portable applications that can run across their entire infrastructure. At Google Cloud we strive to make it as easy as possible for customers of all sizes to deploy, purchase and manage leading solutions in the cloud,” said Jennifer Lin, Director of Product Management Google Cloud. “The availability of commercial Kubernetes applications from providers like Aqua Security is a critical part of extending enterprise investments and can simplify adoption of container-based infrastructure no matter what environment they operate in, either on-premise or in the public cloud.”
Aqua Security, platform provider for securing container-based and cloud-native applications, announced that Hitachi Vantara has integrated Aqua security capabilities into the Hitachi Enterprise Cloud (HEC) Container Platform. HEC Container Platform delivers a public cloud experience for organizations that use data services, DevOps and microservices architectures on premises in a private or hybrid cloud. Hitachi Vantara selected the Aqua platform in part for its ability to deliver runtime security for multi-tenant cloud Container-as-a-Service environments. HEC Container Platform HEC Container Platform is a fully managed end-to-end solution for deploying data services such as Spark, Kafka, Cassandra, and HDFS HEC Container Platform is a fully managed end-to-end solution for deploying data services such as Spark, Kafka, Cassandra, and HDFS. Kubernetes container orchestration is also included out of the box, alongside Docker and the native Marathon orchestrator, to provide customers with simplified single-click deployment of Marathon and Kubernetes. HEC Container Platform users can run containers on demand without having to provision or manage virtual machine instances. “Integrating the Aqua Solution enables us to deliver a far more comprehensive and granular way of protecting customer data, applications and workloads at every stage of the DevOps process,” said John Murphy, vice president of global solutions at Hitachi Vantara. “In addition, Aqua’s multi-tenancy solution allows us to automatically segregate customer content and apply policy-based security controls consistently throughout varied environments. Aqua helps us provide a hassle-free experience for our customers to move and securely manage their workloads in the HEC Container Platform environment.” Enhanced Cyber Security “We’re excited to partner with Hitachi in enabling organizations to leverage the advantages that containers and cloud-native environments present, without having to manage complex infrastructure or worry about securing these environments,” said Upesh Patel, VP Business Development at Aqua. “Together with Aqua Link partners, we are committed to incorporating security best practices throughout the container environments, delivering the best available defense against cyber threats, and bridging the gap between DevOps and IT security.” Aqua Link Partner Program Expands To Include MSPs The Aqua Link Partner Program spans a broad spectrum of partnership modelsAs a leader in container and cloud-native application security, Aqua works closely with global partners who understand the importance of securing and monitoring containerized applications and strive to enhance their solutions portfolio with enterprise-grade technology. The Aqua Link Partner Program spans a broad spectrum of partnership models, including Technology Alliance Partners with integrated offerings in the cloud-native stack, Solutions Providers that offer Aqua products and deliver technical services to deploy and manage Aqua in customer environments, and System Integrators & Consultants with expertise and trained staff worldwide to support Aqua implementations. By introducing support for managing multi-tenant environments, with the required segregation of policies, enforcement, monitoring and reporting, Aqua is uniquely positioned to deliver deeply integrated solutions through Managed Service Providers such as Hitachi Vantara.