DEVOPSdigest

Aqua Security rolls out the availability of its new Aqua Platform, with a unified console to ease the journey from scanning and visibility to workload protection in cloud native environments.

The new platform reduces administrative burden and allows security teams to start with scanning and cloud security posture management (CSPM) capabilities, then add in sandboxing capabilities and workload protection as needed. The experience is streamlined regardless of scale and is available as a SaaS or self-hosted deployment.

The unified approach lowers management overhead for advanced runtime features in an industry where scanning during development and CSPM are easier for teams to understand and deploy as a first step, but critical Cloud Workload Protection Platform (CWPP) capabilities are sometimes left behind. It also enables customers to benefit from better context and prioritization in identifying risks and threats, adopting a full-lifecycle approach to securing cloud native applications. In a recent survey of cloud native security practitioners, only 32% of respondents were confident in protecting against attacks in-progress in their cloud native environments.

“In the past year, Aqua has seen a 3x increase in CSPM customers who have also purchased Aqua’s CWPP capabilities,” said Amir Jerbi, Co-Founder and CTO. “Organizations recognize the need to protect workloads at runtime, and Aqua is keeping pace with that demand bringing more unification without compromising scalability. While other solutions require multiple screens and consoles, or just provide visibility without options for workload protection, Aqua offers the industry’s only comprehensive unified platform.”

This recent release of the Aqua Platform also includes dozens of new features and capabilities, including:

- Automatic discovery and onboarding of CSPM within GCP environments.

- Scanning Google Cloud Functions for vulnerabilities and sensitive data, extending prior support for AWS Lambda and Microsoft Azure Functions.

- Migrating from the now deprecated Kubernetes PSP (Pod Security Policy) to the new PSS (Pod Security Standard) using new assurance policies and Aqua’s open source Rego library.

- Enhancing runtime protection with file integrity monitoring for containers, and threat response policies that specifically block reverse shell attempts and cryptomining.

- Defining custom severities for specific vulnerabilities, to conform with customers’ internal standards.

- Finding, provisioning, and managing Aqua within AWS environments using AWS CloudFormation templates.

- New certified Red Hat OpenShift Operator to automate Aqua deployments and upgrades.