Back in March we announced Aqua MicroEnforcer, a new deployment technology that enabled us to secure runtime workloads running on AWS Fargate and Azure Container Instances. Since then we’ve seen a lot of interest from customers who see these services not only as a way to deploy containers on demand for spillover capacity, or for ad hoc needs, but also as a way to accelerate deployment for development, testing, and production workloads.
Naturally they are concerned with security, and know that Aqua has the only solution that can address their needs across Fargate as well as “regular” container workloads that run on nodes/hosts. Fargate “breaks” Aqua’s sidecar container deployment model since the customer has no visibility or administrative access to the underlying VM instance running their containers. AWS completely abstracts this layer from the user, and automagically runs their containers somewhere in their vast virtual infrastructure.
When we examined options for securing container workloads that have no visible/accessible host, we looked at various options:
As part of our Aqua 3.0 release, Liz wrote a blog that described in detail the process of embedding MicroEnforcer. This time I’d like to focus on the runtime aspects of how this works on Fargate, and for good measure we threw in the AWS CloudWatch integration.
Watch this 4 min video to see it in action: