Security teams can choose from out-of-the-box workload visibility and real-time response according to risk tolerance and maturity
LONDON: Aqua Security has announced the addition of key features to its Cloud Native Application Protection Platform (CNAPP), helping time-strapped Security, DevOps and IT practitioners to assess their cloud native security risk in minutes and respond to attacks in real-time – making Aqua the only pureplay platform with both capabilities. Starting from the new automated, continuously updated asset inventory, practitioners can choose whether a quick assessment of workload risk is enough, or if they also want to actively protect those workloads from attacks in runtime. They can also choose whether they want to combine those controls with best practice, ‘shift-left’ policies to prevent issues from reaching production. Altogether, the Aqua Platform detects and prioritises risks from code to runtime, and reduces the blind spots introduced by multiple vendors and partial solutions across the application lifecycle.
Many cloud native teams work with a varying number of applications that have access to sensitive customer data. Short-staffed security teams need to efficiently detect and follow-up on risks across the application portfolio. The option of a rapid risk assessment for running workloads in minutes sets the stage for better prioritisation of limited resources to the highest risk for the business. Even large security teams want the ability to optimise costs and resources across passive and active security measures, putting active security measures where protection matters most.
“For Security teams, having active, preventative shift-left and runtime controls protecting their cloud native applications is a non-negotiable requirement,” said Amir Jerbi, CTO and co-founder, Aqua Security. “Their customers and compliance regulators both require active protection across the lifecycle. But security teams are also short-staffed and in need of tools that reduce noise, allowing them to focus on the top risks first. With this release, customers get the best of both worlds: a prioritised view of risk to meet them where they are today, so that we can protect them tomorrow.”
For most customers, the prospect of a unified platform for visibility, prevention and response means saving time through consolidation of vendors and one source of truth. But it can also mean taking the first step on the journey to active runtime controls and better protection for the most sensitive workloads. Most customers and practitioners start a cloud native security journey by implementing shift-left security testing and preventive controls while also gaining visibility into risks and artifact inventories across registries and cloud accounts. Next, practitioners aim for visibility and monitoring in runtime to gain a quick view of risk as well as learn the impact of policies on runtime environments. After learning and measuring, customers start to enforce runtime policies in production. Being able to move along this journey with the same vendor allows teams to speed the process, using one source of truth and standardisation of response across environments.
Combined with Aqua’s recent, industry-first cloud native detection and response (CNDR) offering, the new capabilities also mean customers gain access to the broadest risk prioritisation capabilities available across the full application lifecycle. The view of risk prioritisation is automated and out of the box, applying to both potential risk to running workloads as well as actual anomalous behaviour observed in runtime.
“We have observed that customers’ top concerns are not only having a unified platform, but also gaining visibility and understanding of how to prioritise risk across the multitude of alerts and tools in their environments,” said Ehud Amiri, VP Product Management, Aqua Security. “They come to Aqua to take advantage of the risk prioritisation made possible by the context available across the full lifecycle of their applications. We are dedicated to helping customers achieve the kind of risk prioritisation that they could only get through a pureplay, full lifecycle application protection platform.”