Aqua Blog

Expanding into CSPM with CloudSploit and Deepening Security for Cloud VMs

Expanding into CSPM with CloudSploit and Deepening Security for Cloud VMs

IT spend on public cloud will more than double by 2023 (IDC) and hybrid multi-clouds will soon be the more common environment for enterprises. The benefits of using cloud infrastructure including the ability to scale, ease of use and speed of application delivery are too attractive to ignore, however, the complexity of managing and administering these environments leaves organizations exposed to significant security risks.

Weaknesses such as servers unintentionally open to the public, unencrypted datastores, as well as missing or weak authentication are being exploited by attackers on a regular basis, as exemplified in the Capital One breach earlier this year.

The Need for Cloud Security Posture Management (CSPM)

At Aqua, we protect the largest cloud native workloads in the world. But if the infrastructure is not properly configured and continually monitored, the applications and organizations are at risk. For IaaS and PaaS environments, security posture management is the layer required for continual visibility, remediation and compliance. CSPM makes sure enterprises are using the cloud securely and continuously monitors and alerts on any identified risks – either accounts out of compliance or exposed to vulnerabilities.

Many customers are monitoring accounts with ad hoc methods, such as custom scripts based on best practices but there are too many services for this to really scale across teams and to effectively monitor the ever-growing set of cloud services. Cloud account administrators now need to act with a security and compliance mindset. Custom approaches are at best, inconsistent, with limited visibility into what is really happening across all of the available cloud services.

Introducing CloudSploit

CloudSploit by Aqua continually monitors, and automatically detects security configuration issues in public clouds including AWS, Azure, Oracle, and Github. It examines user roles and privileges, certificates & MFA, specific service configurations, data encryption, networking, auditing features, usage trends and also conducts anomaly detection. As it monitors your environment, it provides alerts for remediation and reports for regulatory compliance as it benchmarks against CIS standards.

CloudSploit by Aqua is available both as open source and with expanded features for the enterprise. Customers can be up and running in minutes, monitoring their clouds. Users find CloudSploit easy to use with scans that are fast and to-the-point. Results are provided in line with best practices, and account-level overviews make it easy to see relative risk levels, and trends over time. CloudSploit’s API approach allows the creation of custom accounts and allows for integration into broader reporting systems for security or CISO dashboards.

CloudSploit_Dashboard

Protection for Cloud VMs

Today, we are also announcing significant new capabilities for the Aqua Cloud-Native Security Platform (CSP), deepening protection for virtual machines. Aqua’s VM security solution is deployed as an Agent on either Windows and Linux OS. It can be delivered using different automation tools, such as Cloud Init, Terraform, Chef and Puppet. The solution provides features that are needed to secure hosts running on public or private clouds, including: file integrity monitoring, vulnerability and malware scanning, host hardening checks (based on CIS), network discovery and micro-segmentation to hosts for full visibility of infrastructure and application threats.

Organizations can now protect their cloud native workloads from a single control plane for improved visibility and efficient remediation.

For more information on our expanded offer for Cloud VMs, Read our recent blog post Cloud VM Security with Aqua CSP

The addition of CloudSploit and VM Security expands Aqua’s protection of cloud-native environments. Aqua’s customers can more effectively manage risk and protect against threats for their multi-cloud environments across the full application stack, spanning infrastructure, application workloads and code.

Amir Jerbi
Amir is the Co-Founder and CTO at Aqua. Amir has 20 years of security software experience in technical leadership positions. Amir co-founded Aqua with the vision of creating a security solution that will be simpler and lighter than traditional security products. Prior to Aqua, he was a Chief Architect at CA Technologies, in charge of the host based security product line, building enterprise grade security products for Global 1000 companies. Amir has 14 cloud and virtual security patents under his belt. In his free time, Amir enjoys backpacking in exotic places.