Aqua Blog

Image Scanning in VPCs with Aqua and AWS PrivateLink

Amazon Web Services announced today at re:Invent an to a recent feature PrivateLink, that enables AWS Virtual Private Cloud customers to consume apps outside their VPCs through service endpoints, using their own private IP addresses and security groups. This is a non-trivial task since VPCs are made to be isolated, so normally, making an external SaaS application accessible inside a VPC would be mission impossible.

PrivateLink solves that issue by creating a secure line of communication between the designated application and the VPC, but the application must be VPC-enabled to support it. At Aqua we recently launched our Pay-Per-Scan solution for scanning container images on the AWS Marketplace. At the same time, our team has been working diligently with the AWS team to make this offering support PrivateLink, and today we’re proud to announce that we are one of the first vendors to support it.

Aqua Scanner PrivateLink Architecture

An Amazon VPC customer who wants to use the Aqua Scanner doesn’t have to do any manual network configuration or use special credentials. All they need to do is subscribe to the Aqua Scanner on AWS Marketplace, and check a box to indicate a VPC deployment. Everything is provisioned and connected automatically within their VPC.

The Age of Flexible Security (or Secure Flexibility?)

While cloud applications strive to fulfill the promise of everything on demand, metered and available at the click of a button, they must satisfy the security requirements of enterprise users. Without that, they only offer flexibility in theory, not in practice.

Likewise, security solutions must become more flexible — not by relaxing the stringent controls they apply, but in how they are consumed and deployed. This is what our work to support PrivateLink is about. Amazon VPC customers can get on-demand security scanning for their container images from the AWS Marketplace, but still work strictly within the confines of their VPC. They can apply uniform controls across cloud and on-prem environments, and maintain separation between dev, staging and prod environments. Security and flexibility.

The VPC-enabled Aqua image scanner is available on the AWS Marketplace using a pay-per-scan consumption model. Give it a try!

Rani Osnat
Rani is the SVP of Strategy at Aqua. Rani has worked in enterprise software companies for more than 25 years, spanning project management, product management and marketing, including a decade as VP of marketing for innovative startups in the cyber-security and cloud arenas. Previously Rani was also a management consultant in the London office of Booz & Co. He holds an MBA from INSEAD in Fontainebleau, France. Rani is an avid wine geek, and a slightly less avid painter and electronic music composer.