Aqua Security is a privately held cybersecurity company specializing in cloud-native application protection. Founded in 2015, Aqua helps organizations secure their cloud-native applications throughout their lifecycle, from development to production. Their mission is to protect cloud-native assets and empower organizations to innovate and accelerate their cloud transformation securely. They are recognized as a leader and innovator in the Cloud Native Application Protection Platform (CNAPP) market.
Offerings, Integrations, and Capabilities
Aqua Security’s core offering is the Aqua Platform, a comprehensive CNAPP that integrates security from code to cloud. It combines agent and agentless technology to provide a single, unified solution for securing cloud-native applications.
Key Capabilities:
- Image scanning: Identifies vulnerabilities, secrets, and malware in container images.
- Runtime protection: Prevents configuration drift, ensures immutability, and blocks attacks in real time across virtual machines (VMs), containers, and serverless workloads.
- Cloud Security Posture Management (CSPM): Assesses and monitors cloud configurations for security risks and compliance violations.
- Software supply chain security: Secures the software development lifecycle from code commit to runtime.
- Dynamic Threat Analysis (DTA): Analyzes container behavior in sandboxed environments to detect advanced threats and malware.
- AI-Guided Remediation: Automates and prioritizes remediation efforts based on risk and impact.
- Integration with CI/CD pipelines: Automates security checks within development workflows.
- Role-Based Access Control (RBAC): Enables granular control over access to security resources.
Integrations:
Aqua Security integrates with a wide range of cloud platforms, container registries, CI/CD tools, and other security solutions. Some notable integrations include:
- Cloud Platforms: AWS, Azure, Google Cloud, Alibaba Cloud, Red Hat OpenShift
- CI/CD Tools: Jenkins, Azure DevOps, CircleCI, Bamboo, GitLab
- Container Registries: Docker Hub, Azure Container Registry, Amazon ECR
- Other: AWS Security Hub, OpsGenie, Jira, ServiceNow, Slack, MS Teams, Splunk, Sumo Logic, Perimeter 81
Products and Services
Aqua Security’s flagship product is the Aqua Platform, a comprehensive CNAPP available in different editions to cater to various needs. Key components and features include:
- Aqua Wave: A SaaS-only offering designed for securing applications during the build process and the infrastructure they run on. It includes vulnerability scanning, CSPM, and dynamic threat analysis.
- Aqua Enterprise: A more comprehensive offering available as both SaaS and self-hosted, providing runtime protection across various technology stacks, including VMs, containers, and serverless functions.
- Trivy: An open-source vulnerability scanner for containers, Kubernetes, code repositories, and cloud environments.
- Tracee: An open-source runtime security and forensics tool for Linux using eBPF.
- Kube-Bench: An open-source tool for checking Kubernetes deployments against CIS benchmark security best practices.
While specific new products haven’t been mentioned in the most recent sources, Aqua continuously updates its platform with new features and capabilities, such as enhanced LLM-based application protection and AI-guided remediation.
Target Customers and Benefits
Aqua Security targets a wide range of organizations, from large enterprises to smaller businesses, across various industries, including financial services, software, media, manufacturing, and retail. These customers benefit from:
- Reduced risk: By identifying and mitigating vulnerabilities and threats across the entire application lifecycle.
- Accelerated cloud transformation: By providing the confidence to move to cloud-native technologies securely.
- Improved compliance: By automating security checks and enforcing policies.
- Increased developer productivity: By integrating security into the development workflow.
- Enhanced visibility and control: By providing a single platform for managing cloud-native security.
- Increased revenue: Preventing costly security breaches and downtime.
Cloud Integrations and Marketplaces
Aqua Security integrates with major cloud platforms and has a presence on their respective marketplaces:
- AWS Marketplace: Offers the Aqua Platform and other solutions for securing workloads on AWS services like ECS, EKS, Fargate, and Lambda.
- Azure Marketplace: Provides integrations with Azure services like AKS, ACI, and Azure Container Registry.
- Google Cloud Marketplace: Integrates with Google Kubernetes Engine (GKE) and Google Cloud Security Command Center.
- Red Hat Marketplace: Offers an OpenShift-certified operator for deploying the Aqua Platform on OpenShift clusters.
- Alibaba Cloud: Enables security and DevOps collaboration for cloud-native applications on Alibaba Cloud.
Key People
While a definitive list is not publicly available, key people at Aqua Security include:
- Dror Davidoff: Co-Founder and CEO
- Amir Jerbi: Co-Founder and CTO
Key Facts
- Headquarters: Boston, MA, and Ramat Gan, Israel
- Number of Employees: Approximately 600 (as of 2024, this number may have changed)
- Annual Revenue: Not publicly disclosed
- Publicly Listed: No (privately held)
Analyst Recognition
Aqua Security is recognized by leading analyst groups:
- Gartner: Listed as a Representative Vendor in the Market Guide for Cloud-Native Application Protection Platforms (CNAPP) and receives positive reviews for its Cloud Security Platform.
- Forrester: Commissioned a Total Economic Impact (TEI) study demonstrating significant ROI for Aqua Platform users.
- IDC and Everest Group: Recognized as a Major Player in the IDC MarketScape for Worldwide Cloud Security.
