Cloud-native security company Aqua Security is rolling out its new Aqua Platform with a unified console.
The company says the new platform reduces administrative burden and allows security teams to start by scanning and cloud security posture management (CSPM) and then add sandboxing capabilities and workload protection as needed. The system is available as SaaS or self-hosted deployment.
“Scaling our cloud-native security needs is a priority for us,” says ABAX senior systems engineer, Thomas Ornell.
“We've been working with Aqua to secure our cloud-based Kubernetes environments and improve visibility of our current risk. The tooling provided by Aqua is making it a lot easier to navigate our way through our cloud-native security strategy.
The unified approach lowers management overhead for advanced runtime in an industry where scanning during development and CSPM is more manageable for teams to understand and deploy as a first step. Aqua Security says it also means customers will benefit from better context and prioritisation in identifying risks and threats by adopting a full-lifecycle approach to securing cloud-native applications.
In a recent survey of cloud-native security practitioners, only 32% of respondents were confident of protecting against attacks in progress in their cloud-native environments.
According to a recent Gartner report, “Cloud-native application protection platform (CNAPP) is an emerging capability that brings together cloud security tools, including cloud workload protection platform (CWPP) and CSPM. CNAPP tools will integrate information from both CWPP and CSPM to provide more detailed insights into security behaviours in CIPS (cloud infrastructure and platform services) deployments.”
Aqua Security also sees a growing trend within its customer base to adopt CWPP and CSPM capabilities in a unified platform.
“In the past year, Aqua has seen a 3x increase in CSPM customers who have also purchased Aqua's CWPP capabilities,” says Aqua Security co-founder and CTO, Amir Jerbi.
“Organisations recognise the need to protect workloads at runtime, and Aqua is keeping pace with that demand by bringing more unification without compromising scalability. While other solutions require multiple screens and consoles or provide visibility without options for workload protection, Aqua offers the industry's only comprehensive unified platform.
Some new features and capabilities in the new Aqua Platform release include:
- Automatic discovery and onboarding of CSPM within GCP environments.
- Scanning Google Cloud Functions for vulnerabilities and sensitive data, extending prior support for AWS Lambda and Microsoft Azure Functions.
- Migrating from the now deprecated Kubernetes PSP (Pod Security Policy) to the new PSS (Pod Security Standard) using new assurance policies and Aqua's open source Rego library.
- Enhancing runtime protection with file integrity monitoring for containers and threat response policies that block reverse shell attempts and crypto mining.
- Defining custom severities for specific vulnerabilities to conform with customers' internal standards.
- Finding, provisioning, and managing Aqua within AWS environments using AWS CloudFormation templates.
- Newly certified Red Hat OpenShift Operator to automate Aqua deployments and upgrades.