Aqua Cloud Native Security Platform
By Aqua Security
Certified enterprise ready
Run the Aqua Cloud Native Security Platform on-prem or in the cloud to secure containerized, serverless and VM-based applications from your CI/CD pipeline in development to your production runtime environment.
Leverage granular, continuous data streams on images, containers, orchestrators, and hosts to secure the entire application lifecycle, from scanning and deployment assurance, to automated runtime controls, all using a single pane of glass. Aqua will mitigate risk, enforce immutability, and detect and block anomalies based on the application context.
Integrate security into the CI/CD pipeline to provide image risk analysis and rapid remediation early in the build process by scanning container images for known vulnerabilities, malware, secrets, open source licenses, misconfigurations and permissions issues. Leverage out-of-the-box plug-ins for industry-leading CI/CD platforms like Jenkins, Azure DevOps, CircleCI, Bamboo, GitLab, and many others.
Create and enforce an image assurance policy that only allows images that adhere to security and compliance guidelines to be deployed - including vulnerabilities, embedded secrets, malware, secure configuration, and more. Aqua will encrypt container images during build to protect data and intellectual property, and block high-risk images that violate security policies from running in a production environment.
User Access Control
Define permitted commands to granularly control user access, configuring privilege definitions per container, host, cluster, application and storage volume. Allow or disallow specific user actions to enforce segregation of duties and least privilege principles, and enable Aqua to automatically detect and block unauthorized activities like log access or privilege escalations.
Securely deliver encrypted secrets to runtime containers in memory, with no persistence on disk. Leverage Aqua's integrations with industry-leading secrets vaults like CyberArk, HashiCorp and others to rotate, update and revoke secrets at runtime with no container downtime or restart.
Runtime Protection for Containers and VMs
Whitelist intended activity based on machine-learned behavioral profiling to ensure container and VM integrity and immutability, host and orchestrator hardening, and least-privilege enforcement on container behaviors, without sacrificing application performance and availability. Monitor activity to detect and granularly block suspicious processes in runtime.
Visualize workload network connections to automatically generate whitelist firewall rules that enforce network segmentation - blocking unauthorized connections based on orchestrator concepts (pod name and namespaces), IP/CIDR addresses, and DNS. Automatically alert on and block unauthorized communication flows with no container downtime.
Auditing and Compliance
Apply compliance best practices across your cloud environment by automating out-of-the-box runtime policies for PCI, HIPAA, NIST and GDPR, and benchmarking against CIS certified tests for Linux, Docker and Kubernetes. Leverage your SIEM tool of choice to monitor granular reporting on scan results, policy changes and secrets rotations.
Leverage Aqua's Risk Explorer to see a live map of all the hosts and images running in your production environment. Risk Explorer gives you the ability to identify the namespaces and objects (representing a deployment, daemonset or job) and their respective risk levels to perform an accurate root cause investigation.
Read what others are saying about this product in our review section.
What do you like best?
This is an easy to use and well supported solution to container management.
What do you dislike?
There is not much to dislike for this software.
What problems are you solving with the product? What benefits have you realized?
Supporting a number of applications.