Aqua Security announced the general availability of CloudSploit by Aqua for Google Cloud Platform (GCP). This release comes after an extended beta program, during which we worked closely with our customers to develop and deliver a robust set of out-of-the-box policies for GCP. This release also includes a Center for Internet Security (CIS) benchmark certification for GCP.
The GCP support is available in the CloudSploit by Aqua cloud service and builds upon the open source project.
With the announcement of GA support for GCP, Aqua Security’s CSPM solution now cements its coverage for the major public cloud-native platforms: Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform, and Oracle Cloud (Beta). In addition, CIS has certified that Aqua Security’s coverage for each public cloud is compliant with their standards.
Major features included in CloudSploit by Aqua for GCP:
Ninety new plug-ins for numerous GCP services including: Compute, Load Balancers, Cryptographic Keys, DNS, IAM, Kubernetes, Logging, SQL, Storage, and VPC networking. As with our existing Amazon AWS and Microsoft Azure solutions, Aqua Security will introduce new plug-ins and updates for existing ones as more GCP services are released.
CloudSploit by Aqua scans the GCP services in all currently available regions and zones. Support for new GCP regions and zones will be extended as they become available.
The scan reports include recommended remediation information and links to official Google documentation.
Compliance support now includes mapping of CloudSploit’s library of GCP plug-ins to PCI-DSS and HIPAA requirements, to provide individual, actionable policy checks to help detect compliance violations across GCP accounts. Furthermore, customers can now create their own custom compliance programs and map any internal corporate controls to the CloudSploit plug-in library.
CloudSploit by Aqua’s library of GCP plug-ins are also mapped to the popular CIS Benchmark controls. By mapping the policies to the CIS benchmark controls, CloudSploit can evaluate the security posture of your cloud accounts according to the best practices defined by the CIS organization. CloudSploit is CIS certified according to the CIS Google Cloud Platform Foundation Benchmark version 1.0.0 for both Level 1 and Level 2.
For more information about the CIS Benchmark certification, visit cloudsploit.com/cis.
Get started with CloudSploit by Aqua today!
Sign up and connect a GCP account to CloudSploit using our onboarding wizard. CloudSploit only requires access to your configuration metadata and does not access sensitive content in your cloud accounts. CloudSploit continuously audits your account in the background, working to detect potential misconfigurations and other risks that can lead to compromised infrastructure and loss of application and user data.
Send your questions about CloudSploit’s GCP support to support@cloudsploit.com.
Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and accelerate their digital transformations. The Aqua Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads, wherever they are deployed.
Aqua customers are among the world’s largest enterprises in financial services, software, media, manufacturing and retail, with implementations across a broad range of cloud providers and modern technology stacks spanning containers, serverless functions and cloud VMs.