Aqua Security unifies cloud security posture management with runtime workload protection

Aqua Security Software Ltd. is revamping its cloud-native security platform, adding a unified console that brings all of its tools, including its cloud security posture management and cloud workload protection platform capabilities, into a single interface.

The new Aqua Platform announced today provides access to a comprehensive suit of security tools that companies can use to protect cloud-native, container-based and serverless applications from threats such as malware and ransomware. It helps developers to automate the security and compliance posture of their apps, monitor usage and control access, among other things.

Aqua says the main advantage of Aqua Platform is it gives users full visibility into the activity of their containers, which host the components of their apps. With this, developers can easily detect and prevent attacks and other suspect activity, in real time. Aqua Platform integrates with application lifecycle and orchestration tools, enabling security processes and regulatory compliance to be enforced automatically.

By creating a unified console, Aqua says, it’s reducing the administrative burden for security teams so they can start off with basic scanning and CSPM, and then add whatever sandboxing and workload protection capabilities they need as and when they’re required. The unified console also provides better context and prioritization when it comes to identifying risks and threats, thereby helping customers adopt a full-lifecycle approach to securing their cloud-native applications.

Aqua Security co-founder and Chief Technology Officer Amir Jerbi told SiliconANGLE that the company’s CSPM tools weren’t fully integrated with its workload protection capabilities before, and that there was no natural upgrade path from one solution area to the other, in either direction.

“So we are unifying the user experience to support our customers in using our CSPM, cloud workload protection, scanning and dynamic threat analysis tools in a single platform,” he said. “User management, RBAC, dashboards and UI flows are all unified now.”

Jerbi added that this unification is necessary because Aqua is seeing a shift in the cloud-native security market where teams are looking for more complete visibility and control over their cloud applications, as opposed to separate solutions that secure their development environments and runtime environments. Evidence of this comes from a three-times increase in CSPM customers that have also purchased its workload protection capabilities, he said.

“Organizations recognize the need to protect workloads at runtime and Aqua is keeping pace with that demand, bringing more unification without compromising scalability,” Jerbi said. “Other solutions require multiple screens and consoles or provide visibility without options for workload protection or response.”

Constellation Research Inc. analyst Liz Miller told SiliconANGLE she agrees that unified security operations will present many advantages. She said companies that are using cloud-native environments and DevOps to move at the speed of ideas do not want to slow things back down in the name of security.

“The promise of a unified platform that can bring these cloud-native environments and applications into a single, streamlined view and optimized security posture is an important one for organizations looking to build their next generation of business on the power of cloud,” Miller said. “The moves Aqua has been making telegraph a good vision of where innovation and cloud can head… without leaving security behind as an afterthought.”

Today’s release throws in a ton of new functions and features too, including automatic discovery and onboarding of CSPM within Google Cloud environments, the ability to customize CSPM configuration checks with configurable plugins, Google Cloud Functions scanning capabilities and more besides.

Aqua has had a busy few months, with today’s release coming hot on the heels of its acquisition of the open-source “infrastructure as code” scanning tool tfsec, which added important security scanning capabilities to its platform. That acquisition was made possible thanks to the company’s $135 million Series E funding round in March that saw it reach “unicorn” status with a valuation of more than $1 billion.

Image: Aqua Security