Aqua Security, the pure-play cloud-native security provider announced its new Lightning Enforcer to stop zero-day attacks and shield critical vulnerabilities in production until a patch can be applied.
With its new eBPF technology, Aqua’s Lightning Enforcer provides total visibility into running workloads and allows security professionals to quickly and easily identify and stop the most advanced attacks in real time.
Zero-day vulnerabilities
While “shift left” security is a key piece to prevent vulnerabilities, misconfigurations, and supply chain threats from reaching production environments, sometimes it’s not enough. This has led to a vast increase in the number of zero-day vulnerabilities that are exploited in runtime.
On average, a new "in the wild" exploit is discovered every 17 days. These incidents emphasise the criticality of runtime protection and that simple scanning isn't enough.
Easy, safe solution
Threat actors are seeking out new attack vectors to evade the detection of previously unknown vulnerabilities"
“Last year we saw the highest number of zero-days in history,” said Amir Jerbi, CTO and co-founder at Aqua. “As organisations around the globe strengthen their cybersecurity measures, threat actors are seeking out new attack vectors to evade detection such as the identification and exploitation of previously unknown vulnerabilities."
"To combat this growing threat, Aqua is bringing to market an easy, safe solution for security teams to broadly deploy runtime security and prevent zero-days.”
Agentless solution
While snapshot-based scanning of workloads provides fast and low-friction visibility, recent data from Aqua Nautilus shows that risks increase significantly when relying exclusively on snapshot scanning of running workload images.
In the past three months, the Aqua Nautilus research team saw that in one-third of those cases, no file was written to disk or no attack executed from memory, which means those techniques could evade detection with a purely agentless solution.
Aqua Lightning Enforcer powered by eBPF
eBPF is a revolutionary technology with origins in Linux that can run sandboxed programs in an operating system kernel. It is used to safely and efficiently extend the capabilities of the kernel without changing kernel source code or loading kernel modules.
With eBPF’s flexibility, it is now possible to achieve kernel-level visibility without compromising execution efficiency or safety. The benefits of the Aqua Lightning Enforcer include:
- First and last line defence against zero-day attacks.
- Frictionless threat detection at the kernel level without the workload instability often found with traditional agents.
- Advanced malware detection helps meet regulatory mandates and compliance requirements.
- Small footprint and resource consumption.
- Application-agnostic deployment across all workloads.
The full suite of runtime protection
With three tiers of runtime protection, customers can balance speed and ease of use
Aqua is the only vendor that provides a full suite of runtime options, and Lightning rounds out Aqua’s levels of protection. With three tiers of runtime protection, customers can balance speed and ease of use with the level of protection they need.
Aqua offers Cloud Workload Scanning for the easiest and quickest snapshot security, Lightning Enforcer for a higher level of security and quick value with little-to-no configuration, and full-agent custom mode for the most technical teams who require the most advanced security.
Aqua Tracee
Aqua’s detection of anomalous behaviour goes beyond only point-in-time snapshots and catches malicious behaviour of known and unknown threats in real-time this includes both known vulnerabilities and zero-day exploits that have yet to be disclosed.
Aqua’s Runtime Protection was built based on ongoing threat intelligence feeds from Aqua Nautilus, who detect and analyse 80,000 attacks a month using Aqua’s open-source eBPF-based threat detection engine, Aqua Tracee. The result is real-time visibility that alerts customers the moment an attacker breaches a running workload, reducing attackers’ dwell time from months to milliseconds.
Simple and frictionless
“Other security vendors are recognising that agentless simply can’t deliver holistic cloud security,” said Jerbi. “Aqua has offered an agent-based solution since day one."
"We’ve incorporated years of innovation and research into our new Lightning Enforcer, allowing organisations to benefit from active protection that is simple and frictionless, complemented by Aqua’s agentless scanning.”
- Network / IP
- Residential security systems
- Application security
- Industrial security
- Commercial security
- Private sector security
- Public sector security
- Security management
- Security installation
- Intrusion detection
- Identity management
- Public security
- Industrial security systems
- Security software
- IP Surveillance
- Industrial surveillance
- Indoor surveillance
- IP security solutions
- Testing & Approvals
- Integration software
- Perimeter protection
- Cyber security
- Crime prevention
- Video Management System
- Corporate Security
- Indoor Security
- Data Security
- IP transmission
- Incident Management
- Cloud security
