Aqua’s cloud native application protection platform (CNAPP), delivered as SaaS or self-hosted, supports the customer experience from scanning and visibility to runtime workload protection
Aqua Security, the pure-play cloud native security leader, today rolls out the availability of its new Aqua Platform, with a unified console to ease the journey from scanning and visibility to workload protection in cloud native environments. The new platform reduces administrative burden and allows security teams to start with scanning and cloud security posture management (CSPM) capabilities, then add in sandboxing capabilities and workload protection as needed. The experience is streamlined regardless of scale and is available as a SaaS or self-hosted deployment.
“Scaling our cloud native security needs is a priority for us,” said Thomas Ornell, Senior Systems Engineer, ABAX. “We have been working with Aqua to secure our cloud based Kubernetes environments and improve visibility of our current risk. The tooling provided by Aqua is making it a lot easier to navigate our way through our cloud native security strategy.”
The unified approach lowers management overhead for advanced runtime features in an industry where scanning during development and CSPM are easier for teams to understand and deploy as a first step, but critical Cloud Workload Protection Platform (CWPP) capabilities are sometimes left behind. It also enables customers to benefit from better context and prioritization in identifying risks and threats, adopting a full-lifecycle approach to securing cloud native applications. In a recent survey of cloud native security practitioners, only 32% of respondents were confident in protecting against attacks in-progress in their cloud native environments.
In a recent report, Gartner notes that “CNAPP is an emerging capability that brings together cloud security tools, including CWPP and CSPM. CNAPP tools will integrate information from both CWPP and CSPM to provide more detailed insights into security behaviors in CIPS (cloud infrastructure and platform services) deployments.” *
Aqua is also seeing a growing trend within its customer base for adoption of both CWPP and CSPM capabilities in a unified platform.
“In the past year, Aqua has seen a 3x increase in CSPM customers who have also purchased Aqua’s CWPP capabilities,” said Amir Jerbi, co-founder and CTO. “Organizations recognize the need to protect workloads at runtime, and Aqua is keeping pace with that demand bringing more unification without compromising scalability. While other solutions require multiple screens and consoles, or just provide visibility without options for workload protection, Aqua offers the industry’s only comprehensive unified platform.”
This recent release of the Aqua Platform also includes dozens of new features and capabilities, including:
- Automatic discovery and onboarding of CSPM within GCP environments.
- Scanning Google Cloud Functions for vulnerabilities and sensitive data, extending prior support for AWS Lambda and Microsoft Azure Functions.
- Migrating from the now deprecated Kubernetes PSP (Pod Security Policy) to the new PSS (Pod Security Standard) using new assurance policies and Aqua’s open source Rego library.
- Enhancing runtime protection with file integrity monitoring for containers, and threat response policies that specifically block reverse shell attempts and cryptomining.
- Defining custom severities for specific vulnerabilities, to conform with customers’ internal standards.
- Finding, provisioning, and managing Aqua within AWS environments using AWS CloudFormation templates.
- New certified RedHat OpenShift Operator to automate Aqua deployments and upgrades.
* Gartner, How to Protect Your Clouds With CSPM, CWPP, CNAPP and CASB, Richard Bartley, 6 May 2021
For more such updates and perspectives around Digital Innovation, IoT, Data Infrastructure, AI & Cybsercurity, go to AI-Techpark.com.