Aqua Security, the globally renowned pure-play cloud native security solutions firm, has announced the availability of its Aqua Platform in two new editions, as well as several updates to the company’s core products.
Aqua Wave SaaS-only offering
Aqua Wave, a SaaS-only offering, delivers an integrated and easy-to-deploy solution to secure applications as they are built, along with the infrastructure they are deployed on. Aqua Enterprise, available as both a self-hosted and SaaS offering, adds new capabilities for securing workloads at runtime across the technology stack utilised for modern IT environments.
“We have been investing aggressively in innovation resulting in truly unique capabilities for protecting our customers’ cloud native stacks. Having established dedicated teams focusing on cyber security research and open source development, we’re cementing our position as the cloud native security industry experts,” noted Dror Davidoff, Chief Executive Officer (CEO) and Co-founder of Aqua Security.
Aqua Dynamic Threat Analysis and Aqua vShield
The new Aqua Wave and Aqua Enterprise offerings further extend our ability to deliver best-in-class solutions"
Dror adds, “In recent months, we introduced new products such as Aqua Dynamic Threat Analysis to identify hidden malware before they reach production, and Aqua vShield to protect vulnerable applications from exploits when fixes are unavailable or cannot be applied.”
He further said, “The new Aqua Wave and Aqua Enterprise offerings further extend our ability to deliver best-in-class solutions however customers choose, entirely as SaaS, on-premises, or in a hybrid model.”
Cloud Security Posture Management and Vulnerability Scanning
The new Aqua Wave SaaS offering incorporates an updated version of Aqua CSPM for Cloud Security Posture Management, as well as Vulnerability Scanning and the previously announced Dynamic Threat Analysis product (Aqua DTA), both integrated as options. Plans for Aqua Wave include choices for individual developers, teams, and larger organisations.
The new release of Aqua CSPM also introduces capabilities for self-healing cloud infrastructure:
- Auto-Remediation of many common weaknesses in configuration, in addition to remediation advice that can be applied manually.
- Additional public cloud support is now generally available for Google Cloud Platform (GCP) and Oracle Cloud.
- Infrastructure as Code (IaC) scanning of Terraform and AWS CloudFormation to find weaknesses in deployment templates.
Deploying cloud-native application protection platform
The report names Aqua Security as one of three example vendors that have converged CWPP and CSPM capabilities
In a recent report, Gartner recommends that SRM leaders looking to improve their cloud workload protection should consider a comprehensive cloud-native application protection platform that combines the needs mentioned, including container scanning, serverless scanning, CWPP and CSPM, all in a single platform.
The report names Aqua Security as one of three example vendors that have converged CWPP and CSPM capabilities.
Aqua Enterprise is the company’s flagship cloud native security offering, incorporating numerous enhancements for cloud workload protection and now also available as a full SaaS offering or self-hosted.
With access to the full spectrum of Aqua’s products from a single, integrated console, Aqua Enterprise secures the build processes, the underlying infrastructure, and running workloads whether they are deployed as VMs, containers, or serverless functions. The recent release of Aqua Enterprise introduces several new elements:
- Risk-Based Insight that provides prioritisation of vulnerabilities, according to specific, contextual customer environment risks, and which also allows quick identification and prioritisation of vulnerabilities for remediation.
- New cloud VM security capabilities that improve File Integrity Monitoring (FIM), and add Linux system integrity and Windows Registry integrity controls.
- Multi-App Role-Based Access Control (RBAC) allowing Separation of Duties in enterprise-wide deployments that span multiple teams and applications, providing very granular permissions and custom roles.
- Visualisation of risk in Kubernetes clusters in Aqua’s Risk Explorer, based on automated discovery using a native Kubernetes admission controller.
Aqua Wave and Aqua Enterprise are both generally available in the market.