Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 











Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Aqua Security Unveils New Platform to Secure the Build, Infrastructure, and Workloads of Cloud Native Applications

July 2020 by Marc Jacob

Aqua Security announced the availability of its Aqua Platform in two new editions, as well as several updates to the company’s core products. Aqua WaveTM, a SaaS-only offering, delivers an integrated and easy-to-deploy solution to secure applications as they are built, and the infrastructure they are deployed on. Aqua EnterpriseTM, available as both a self-hosted and SaaS offering, adds new capabilities for securing workloads at runtime across the technology stack utilized for today’s modern IT environments.

The new Aqua Wave SaaS offering incorporates an updated version of Aqua CSPM for Cloud Security Posture Management, as well as Vulnerability Scanning and the previously announced Dynamic Threat Analysis product (Aqua DTA), both integrated as options. Plans for Aqua Wave include choices for individual developers, teams, and larger organizations.

The new release of Aqua CSPM also introduces capabilities for self-healing cloud infrastructure:

• Auto-Remediation of many common weaknesses in configuration, in addition to remediation advice that can be applied manually
• Additional public cloud support is now generally available for Google Cloud Platform (GCP) and Oracle Cloud
• Infrastructure as Code (IaC) scanning of Terraform and AWS CloudFormation to find weaknesses in deployment templates

In a recent report*, Gartner recommends that “SRM leaders looking to improve their cloud workload protection should: Consider a comprehensive cloud-native application protection platform that combines the needs mentioned above — container scanning, serverless scanning, CWPP and CSPM — in a single platform.”

The report names Aqua Security as one of three example vendors that converge CWPP and CSPM capabilities.

Aqua Enterprise is the company’s flagship cloud native security offering, incorporating numerous enhancements for cloud workload protection, and now available as a full SaaS offering or self-hosted. With access to the full spectrum of Aqua’s products from a single, integrated console, Aqua Enterprise secures the build processes, the underlying infrastructure, and running workloads whether they are deployed as VMs, containers, or serverless functions. The recent release of Aqua Enterprise introduces several new elements:

• Risk-Based Insight that provides prioritization of vulnerabilities according to specific, contextual customer environment risks, and allows to quickly identify and prioritize vulnerabilities for remediation
• New cloud VM security capabilities that improve File Integrity Monitoring (FIM), and add Linux system integrity and Windows Registry integrity controls
• Multi-App Role-Based Access Control (RBAC) allowing Separation of Duties in enterprise-wide deployments that span multiple teams and applications, providing very granular permissions and custom roles
• Visualization of risk in Kubernetes clusters in Aqua’s Risk Explorer, based on automated discovery using a native Kubernetes admission controller.

Aqua Wave and Aqua Enterprise are both generally available now.


* Gartner, Top Security and Risk Management Trends, Peter Firstbrook et. al, 27 February 2020


See previous articles

    

See next articles












Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts