Enabling Customers with Visibility and Remediation at Scale As the pioneer in cloud native security, Aqua has been at the forefront of CNAPP innovation. Today, we are pleased to announce our integration with Amazon Security Lake. This integration allows customers the insights needed to determine their risk posture …
CNAPP is projected to be one of the biggest security categories ever – a $25 to $30B market. Why? Enterprises are continuing to move applications to the cloud while adopting cloud native practices, necessitating new security measures. At the same time, CISOs are under pressure to consolidate tools for better security …
DevSecOps is an easy term to toss around. But what does it mean, exactly? What actually goes into an effective DevSecOps strategy? And how do cloud and DevOps impact DevSecOps processes? To find out, I participated in a conversation with Merritt Baer, principal in the AWS Office of the CISO, to discuss the best ways …
In early October, the US Department of Justice announced that a verdict had been reached in the case against former Uber CISO Joe Sullivan, finding him guilty of two counts associated with covering up a data breach at the company. What made the Uber data breach case particularly noteworthy was that it was not seeking …
Fifteen vendors. That’s the number of CNAPPs featured in analyst firm Frost & Sullivan’s recent radar for Cloud Native Application Protection Platforms, the first report to rank CNAPP solution providers to come out at this early stage of the market. Not surprisingly to us, Aqua came out on top (or rather, to the …
A prospect’s CISO recently asked me: “I’m facing a growing stream of vulnerabilities coming from our CI/CD pipelines on the one hand, while our SecOps team is flooded with alerts and configuration issues from our production environment. How do I reconcile those separate streams and focus on what’s really important?”
“ …
Cloud Workload Protection Platforms (CWPPs), now part of the emerging category of Cloud Native Application Protection Platforms (CNAPPs), are designed to secure different types of cloud workloads — such as VMs, containers, and serverless functions — deployed in public, hybrid, or multi-cloud environments. In this …
While Docker has become synonymous with containers, various container tools and platforms have emerged to make the process of developing and running containers more efficient. Still, a lot of the same principles around Docker security apply for protecting container-based applications built with other tools as well. We …
The past couple of years have seen a rise in software supply chain attacks, with the most salient example being the Solarwinds attack. As production environments have gained multiple layers of protection, and much of the attention of security teams, malicious actors have set their sights on “poisoning the well”, i.e., …
The adoption of Kubernetes has more than doubled since 2017 and continues to grow without any signs of slowing down. Over the last few years, the Kubernetes ecosystem has significantly matured, and we’ve seen a lot of consolidation in the market. It now spans a wide range of well-established cloud and on-premises …
When we first published this blog post in 2017, the technology landscape for containers was quite different than it is today. Over the past few years, we have seen significant changes take place that have affected, and continue to affect how Containers are adopted. Read on to understand the changes and developments we …