Aqua Security Unveils New Platform to Secure the Build, Infrastructure, and Workloads of Cloud Native Applications
July 21, 2020Aqua Security announced the availability of its Aqua Platform in two new editions, as well as several updates to the company’s core products. Aqua Wave, a SaaS-only offering, delivers an integrated and easy-to-deploy solution to secure applications as they are built, and the infrastructure they are deployed on. Aqua Enterprise, available as both a self-hosted and SaaS offering, adds new capabilities for securing workloads at runtime across the technology stack utilized for today’s modern IT environments.
“We have been investing aggressively in innovation resulting in truly unique capabilities for protecting our customers’ cloud native stacks. Having established dedicated teams focusing on cyber security research and open source development, we’re cementing our position as the cloud native security industry experts,” noted Dror Davidoff, CEO and co-founder of Aqua. “In recent months we introduced new products such as Aqua Dynamic Threat Analysis to identify hidden malware before they reach production, and Aqua vShield to protect vulnerable applications from exploits when fixes are unavailable or cannot be applied. The new Aqua Wave and Aqua Enterprise offerings further extend our ability to deliver best-in-class solutions however customers choose, entirely as SaaS, on-premises, or in a hybrid model.”
The new Aqua Wave SaaS offering incorporates an updated version of Aqua CSPM for Cloud Security Posture Management, as well as Vulnerability Scanning and the previously announced Dynamic Threat Analysis product (Aqua DTA), both integrated as options. Plans for Aqua Wave include choices for individual developers, teams, and larger organizations.
The new release of Aqua CSPM also introduces capabilities for self-healing cloud infrastructure:
- Auto-Remediation of many common weaknesses in configuration, in addition to remediation advice that can be applied manually
- Additional public cloud support is now generally available for Google Cloud Platform (GCP) and Oracle Cloud
- Infrastructure as Code (IaC) scanning of Terraform and AWS CloudFormation to find weaknesses in deployment templates
In a recent report, Gartner recommends that “SRM leaders looking to improve their cloud workload protection should: Consider a comprehensive cloud-native application protection platform that combines the needs mentioned above – container scanning, serverless scanning, CWPP and CSPM – in a single platform.”
The report names Aqua Security as one of three example vendors that converge CWPP and CSPM capabilities.
Aqua Enterprise is the company’s flagship cloud native security offering, incorporating numerous enhancements for cloud workload protection, and now available as a full SaaS offering or self-hosted. With access to the full spectrum of Aqua’s products from a single, integrated console, Aqua Enterprise secures the build processes, the underlying infrastructure, and running workloads whether they are deployed as VMs, containers, or serverless functions. The recent release of Aqua Enterprise introduces several new elements:
- Risk-Based Insight that provides prioritization of vulnerabilities according to specific, contextual customer environment risks, and allows to quickly identify and prioritize vulnerabilities for remediation
- New cloud VM security capabilities that improve File Integrity Monitoring (FIM), and add Linux system integrity and Windows Registry integrity controls
- Multi-App Role-Based Access Control (RBAC) allowing Separation of Duties in enterprise-wide deployments that span multiple teams and applications, providing very granular permissions and custom roles
- Visualization of risk in Kubernetes clusters in Aqua’s Risk Explorer, based on automated discovery using a native Kubernetes admission controller.
Aqua Wave and Aqua Enterprise are both generally available now. For more information, please visit www.aquasec.com.