Aqua Security Introduces Dynamic Threat Analysis
April 22, 2020

Aqua Security announced Aqua Dynamic Threat Analysis (DTA), a new product offering that protects container-based environments against sophisticated malware that can only be detected using dynamic analysis of a running container, and available as an option within Aqua's Cloud Native Security Platform (CSP).

The company also announced enhancements to its CSPM SaaS platform (based on its acquisition of CloudSploit in 2019), which now includes Aqua DTA, image vulnerability scanning, and expanded support for cloud environments.

Aqua DTA is currently available in preview, with general availability expected later this quarter.

"We've been seeing organized attacks that aim for cryptocurrency mining, credential theft, data exfiltration, or using containers for DDoS attacks," says Amir Jerbi, CTO and co-founder of Aqua. "To achieve these objectives, the container will exhibit a variety of suspicious behaviors, such as unpacking malicious payloads during runtime, opening reverse shell, executing malware from memory to avoid detection, connecting to known command & control servers, and more. By identifying these behaviors before deploying images, Aqua DTA 'shifts left' what used to be done only as a late response to incidents during runtime," he added.

Aqua DTA addresses these risks by automatically running images in a secure sandboxed environment, then analyzing, tracing, and classifying the detected behaviors. The sandbox prevents the malware from doing any harm to other workloads and resources on the host or network. Using Aqua DTA allows security and DevOps teams to improve the security of their software supply chain and reduce risk to runtime environments.

Aqua DTA is recommended to address the following needs:

- Approving public images and their open source packages – as part of the security policies of your software development life cycle (SDLC).

- Approving ISV's third-party Images – scanning third-party images from independent software vendors before introducing them into the organization.

- Pre-production security gate – scanning release candidate images before they are promoted to production from CI/CD pipelines or registries, as an added layer of protection.

- Analysis and forensics – quickly analyzing image runtime behavior to understand anomalies or perform forensics after a suspected incident.

Within Aqua's Cloud Native Security Platform, DTA can be configured to automatically scan only images within a specific scope, for example according to a label or within a named registry.

Aqua has also revamped its cloud security posture management (CSPM) solution, following its acquisition of CloudSploit in 2019. The new solution is now called Aqua CSPM, and includes Preview versions of both Aqua DTA, as well as integrated container image vulnerability scanning based on Aqua's Trivy open source scanner. The vulnerability scanner included in the preview currently supports AWS environments, with additional registry support planned throughout the year.

Aqua is the first and only solution that extends CSPM into cloud native security with an integrated offering that discovers container image registries, scans images for vulnerabilities, and detect hidden malware threats in a single, seamless workflow. These capabilities go beyond securing the cloud infrastructure to secure the applications running on it, typically the function of Cloud Workload Protection Platforms (CWPP).

Additional recent enhancements to Aqua CSPM include:

- General Availability of its support for Google Cloud and Oracle Cloud environments

- Scanning of Terraform templates in addition to the previously available AWS CloudFormation templates, enhancing security control over Infrastructure-as-Code (IaC) tooling

- Automated GDPR compliance reports, facilitating compliance with the European privacy requirements

Share this

Industry News

December 03, 2020

Copado announced its Winter 21 release, providing end-to-end DevOps value stream management platform for Salesforce.

December 03, 2020

MayaData and Platform9 announced a collaboration for the deployment and operation of performance-sensitive stateful workloads on Kubernetes.

December 03, 2020

Harness announced first-class integration with Amazon Elastic Container Service (ECS) Container Orchestration, enabling mission-critical applications to run in Docker containers with less scripting and redundancy, and out-of-the-box deployment strategies.

December 02, 2020

Amazon Web Services (AWS), an company, announced Amazon DevOps Guru, a fully-managed operations service that uses machine learning to make it easier for developers to improve application availability by automatically detecting operational issues and recommending specific actions for remediation.

December 02, 2020

Salesforce and Slack Technologies have entered into a definitive agreement under which Salesforce will acquire Slack.

December 02, 2020

Kasten by Veeam announced Kasten K10 v3.0.

December 02, 2020

Mattermost announced the launch of Mattermost Cloud, a new SaaS platform that is designed to optimize collaboration for DevOps teams and privacy-conscious enterprises.

December 01, 2020

CloudBees announced a virtual launch event on December 10 to formally release the first two modules of its Software Delivery Management solution: CloudBees Engineering Efficiency and CloudBees Feature Management.

December 01, 2020

GitOps creator Weaveworks announced the availability of release 2.4 of Weave Kubernetes Platform (WKP).

December 01, 2020

Adaptavist has joined the Sonatype partner program as a Platinum Enterprise Partner.

November 30, 2020

Shipa is open sourcing Ketch, Shipa's deployment engine, under Apache License Version 2.0.

November 30, 2020

Portworx by Pure Storage announced its qualification and support of Portworx Enterprise for Google Cloud's Anthos on bare metal.

November 30, 2020

SnapLogic now supports SaaS contracts in AWS Marketplace, a digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on Amazon Web Services (AWS).

November 24, 2020

Red Hat announced new capabilities and features for Red Hat OpenShift, the company's enterprise Kubernetes platform.

November 24, 2020

Sectigo released Chef, Jenkins, JetStack Cert-Manager, Puppet, and SaltStack integrations for its certificate management platform.