TABLE OF CONTENTS


Introduction

The Aqua Enterprise plan provides full lifecycle security for your cloud native applications (containers, orchestrators, cloud VMs, and serverless functions) at a very granular level. Aqua includes preventive controls to secure the development pipeline; protects applications in runtime; detects and blocks attacks; and provides visibility and auditing for security risk management and compliance.


Aqua:

  • Integrates with your existing workflows for building, shipping, running, and securing your cloud workloads
  • Works with the leading orchestrators and cloud provider platforms

  • Secures environments consisting of servers running Linux and Windows, as well as CaaS and FaaS cloud services

  • Provides you with full audit logs of security-related events that have occurred on your hosts or in your containers and serverless functions


Features

Secure the build

  • Image Assurance for assessing container images against vulnerabilities, sensitive data (such as secrets), and malware
  • Risk-based Insights helps you focus on the most important and urgent vulnerabilities to mitigate, including running containers based on images with exploits in the wild
  • Integration with Aqua Dynamic Threat Analysis (DTA) for dynamic analysis of container behavior in a sand-boxed environment
  • Function Assurance for detecting security issues in your AWS Lambda and Microsoft Azure cloud environments


Secure the infrastructure

  • Automated penetration testing (pen testing) of Kubernetes clusters, using the kube-hunter, an Aqua Security open-source tool that hunts for security issues in Kubernetes clusters
  • Host Assurance for assessing VMs against vulnerabilities, malware, and security best practices (e.g., CIS benchmarks)
  • Host Runtime Protection for protecting your VMs against malicious and unauthorized activities
  • Automated discovery of Kubernetes infrastructure assets (clusters and hosts) and vulnerability scanning on Linux hosts via the Aqua KubeEnforcer


Secure the workloads


Holistic approach to security for Kubernetes and other applications


Aqua secures your application build (e.g., container images), infrastructure, and workloads. See Securing Kubernetes Applications.


Monitoring, auditing, and compliance

  • The Risk Explorer presents a dynamic display of the workloads (containers) and host VMs in your cloud native environment, and the security risks associated with them.
  • Aqua provides comprehensive auditing of security-related and administrative events.


Integrations


Container orchestration platforms


Aqua can be integrated with a wide variety of container orchestration platforms. This includes both orchestrators and cloud provider stacks. You can also deploy Aqua in environments without an orchestration platform, like a standalone Docker host. Click here for a complete list.


Cloud native ecosystem


Aqua can be integrated with other important components of your cloud native ecosystem application development workflow, such as:


Security infrastructure


Aqua integrates with security tools in your infrastructure to support existing workflows and provide aggregated, consolidated views: