Aqua Security Introduces new Aqua Platform
July 2021 by Marc Jacob
Aqua Security, rolls out the availability of its new Aqua Platform, with a unified console to ease the journey from scanning and visibility to workload protection in cloud native environments. The new platform reduces administrative burden and allows security teams to start with scanning and cloud security posture management (CSPM) capabilities, then add in sandboxing capabilities and workload protection as needed. The experience is streamlined regardless of scale and is available as a SaaS or self-hosted deployment.
The unified approach lowers management overhead for advanced runtime features in an industry where scanning during development and CSPM are easier for teams to understand and deploy as a first step, but critical Cloud Workload Protection Platform (CWPP) capabilities are sometimes left behind. It also enables customers to benefit from better context and prioritisation in identifying risks and threats, adopting a full-lifecycle approach to securing cloud native applications. In a recent survey of cloud native security practitioners, only 32% of respondents were confident in protecting against attacks in-progress in their cloud native environments.
In a recent report, Gartner notes that "CNAPP is an emerging capability that brings together cloud security tools, including CWPP and CSPM. CNAPP tools will integrate information from both CWPP and CSPM to provide more detailed insights into security behaviours in CIPS (cloud infrastructure and platform services) deployments." *
This recent release of the Aqua Platform also includes dozens of new features and capabilities, including:
• Automatic discovery and onboarding of CSPM within GCP environments.
• Scanning Google Cloud Functions for vulnerabilities and sensitive data, extending prior support for AWS Lambda and Microsoft Azure Functions.
• Migrating from the now deprecated Kubernetes PSP (Pod Security Policy) to the new PSS (Pod Security Standard) using new assurance policies and Aqua’s open source Rego library.
• Enhancing runtime protection with file integrity monitoring for containers, and threat response policies that specifically block reverse shell attempts and cryptomining.
• Defining custom severities for specific vulnerabilities, to conform with customers’ internal standards.
• Finding, provisioning, and managing Aqua within AWS environments using AWS CloudFormation templates.
• New certified RedHat OpenShift Operator to automate Aqua deployments and upgrades.
* Gartner, How to Protect Your Clouds With CSPM, CWPP, CNAPP and CASB, Richard Bartley, 6 May 2021