Aqua launch additionally tightens Linux host safety and compliance on the heels of latest vulnerability disclosuresBoston, MA – Four March 2019 – Aqua Safety, the main platform supplier for securing container-based and cloud native purposes, introduced at the moment the provision of model of the Aqua cloud native safety platform, introducing new safety and compliance controls for serverless features and Linux hosts. As enterprise growth and deployment of cloud native microservices-based purposes proceed to speed up, Aqua permits safety groups to handle and implement safety insurance policies throughout a mix of VM-based containers, Containers-as-a-Service (CaaS) and Perform-as-a-Service (FaaS) spanning each multi-cloud and on-premises environments. Aqua Safety logoGartner Distinguished VP Analyst, Neil MacDonald, notes that “securing serverless will drive info safety and danger professionals to deal with the areas we retain management over. Particularly, the integrity and assurance of the code, identities of the code and builders, permissioning, and serverless configuration, together with community connectivity.”(Gartner, Safety Concerns and Greatest Practices for Securing Serverless PaaS, Four September 2018, by Neil MacDonald)Aqua’s complete serverless safety resolution now features a full chain of controls to find features throughout a number of cloud accounts, scan them for vulnerabilities, detect extreme permissions and configuration points, and supply perform assurance – stopping the execution of untrusted or high-risk features based mostly on outlined insurance policies. The important thing controls for serverless environments embrace:Capabilities discovery: Creating a listing of features saved throughout cloud accounts.Vulnerability scanning: Deep scanning of a features packages and dependencies for identified vulnerabilities (CVEs), based mostly on a number of sources and supporting a number of programming languages.CI/CD Integration: “Shifting left” past scanning present features, Aqua gives growth groups with plug-ins for Steady Integration environments to detect safety points as features are being constructed.Permissions Evaluation: Figuring out use of extreme or over-provisioned permissions particular to the serverless cloud setting, and monitoring for unused permissions –decreasing the potential assault floor of a perform.Delicate Knowledge Evaluation: Detecting secrets and techniques and hard-coded keys inside the features themselves, or inside setting variables, particular to the cloud setting – for example AWS credentials or Azure Authentication keys.Perform assurance: Safety groups can set insurance policies to find out the danger threshold to permit or disallow perform execution, based mostly on a wide range of elements together with CVE severity, CVSS rating, delicate knowledge, and permissions.Perform anomaly detection: Monitoring of perform utilization patterns and alerting on sudden spikes within the frequency or length of perform execution.One other vital addition to the Aqua platform is tighter controls to safe the Linux hosts that run containers. This addresses potential dangers from vulnerabilities such because the one found earlier this 12 months when a extreme new vulnerability (CVE-2019-5736) was disclosed in runc, a element utilized in most container runtimes which is a part of Linux OS distributions, highlighting the necessity for securing the container stack at each the workload and host ranges.“The brand new applied sciences supporting cloud native purposes require a holistic strategy to safety and compliance, throughout the appliance lifecycle in addition to up and down the stack, and this has turn into extra evident in latest months with vital vulnerabilities found in Kubernetes and runc for instance,” notes Amir Jerbi, CTO and co-founder at Aqua Safety. “With this new launch from Aqua, our prospects can defend their purposes in opposition to these, in addition to but undiscovered vulnerabilities by implementing tight compliance and whitelisting-based zero-trust safety.” Aqua builds on earlier Aqua host protections that already included testing hosts in response to CIS (Middle for Web Safety) benchmarks, scanning hosts for identified vulnerabilities, and monitoring consumer logins, to supply:Malware Scanning: Detecting malware within the host OS, or any of its parts.Vulnerability scanning: Scanning for CVEs discovered within the host OS, or any of its parts.Whitelisted and Blacklisted Customers and OS Packages: Safety groups can specify which sorts of customers and OS packages are both allowed or forbidden from getting used on a bunch.Consumer Exercise Monitoring: Aqua now logs all consumer instructions on the host OS for safety and compliance monitoring (along with the beforehand out there consumer logins and login makes an attempt monitoring).CIS Benchmarks Testing: Having achieved CIS certification for its Kubernetes benchmark, Aqua now present detailed info on every benchmark take a look at success/failure to supply groups with remediation info.Customized Benchmark Scripts: Enabling the add of scripts that customise benchmarks to account for configurations that aren’t supported in the usual CIS benchmarks, together with Kubernetes clusters on Pink Hat OpenShift.Host Assurance: Permitting to set insurance policies that may decide a threshold for host compliance and safety danger based mostly on the outcomes of the above scans and checks and generate alerts and audit occasions upon coverage violations.Aqua CSP will likely be typically out there in mid-March for present prospects and new deployments.About Aqua SecurityAqua Safety permits enterprises to safe their container and cloud-native purposes from growth to manufacturing, accelerating utility deployment and bridging the hole between DevOps and IT safety. Aqua’s Cloud native Safety Platform gives full visibility into container exercise, permitting organizations to detect and stop suspicious exercise and assaults in actual time. Built-in with container lifecycle and orchestration instruments, the Aqua platform gives clear, automated safety whereas serving to to implement coverage and simplify regulatory compliance. Aqua was based in 2015 and is backed by Lightspeed Enterprise Companions, Microsoft Ventures, TLV Companions, and IT safety leaders, and is predicated in Israel and Boston, MA. For extra info, go to or comply with us on Media contact:Rose Ross for EMEAOmarketing [email protected] +44 (020) 8255 5225