Aqua Security Partners with VMware
April 18, 2018

Aqua Security announced a collaboration with VMware that will enable customers to protect applications deployed across both virtual machines and containers.

The combination of Aqua Container Security Platform with VMware AppDefense will provide enterprise security teams with a security solution that delivers a single-pane-of-glass to secure applications that include both containerized and non-containerized components.

VMware AppDefense protects applications running in virtualized environments by monitoring applications against their intended state – what they're supposed to do – and automatically responding when they deviate from that intended state, indicating a potential threat. This dramatically shrinks the attack surface, enables a much more agile/DevOps approach to security, and provides an interface into the software defined datacenter for the security operations team. VMware AppDefense uses its integration with DevOps systems, artificial intelligence and machine learning applied to massive data sets, and hypervisor-based visibility to understand the intended state of a distributed application to help customers achieve Cyber hygiene at scale.

The Aqua Container Security Platform (CSP) is a full-lifecycle security solution for containers and cloud-native applications that deeply integrates into the build pipeline to detect issues early in the DevOps cycle and minimize the attack surface. It then monitors the runtime environment and is able to prevent malicious activity using a whitelisting policy based on both declarative information and machine-learned behavior, an approach that is designed to ensure applications are only doing what they are supposed to do.

Key features of this combined security solution will enable:

- Visibility across VMs and containers: Shows security posture of running containers within the AppDefense console, including vulnerability status, approved and unapproved running containers, and policy violation alerts.

- Container Image Assurance: Prevents images that don't meet the security requirements or were not vetted from being deployed and enforces drift prevention that is designed to ensure running containers are derived from approved images.

- Monitoring and enforcement: Detection and automated response to container-level policy violations within AppDefense

- Auditing and compliance: Unified event logging within AppDefense for container-level processes and policy violations

Dror Davidoff, co-founder and CEO, Aqua Security, said: "VMware AppDefense utilizes the same principles used by the Aqua platform, namely, that good application behavior should be learned and understood, then applied to enforce least privileges in runtime. This fit will enable our teams to deliver a solution that gives security teams an easy, unified approach to modern application security."

"As organizations deploy applications across increasingly diverse data center endpoints and hybrid cloud environments, security must address the application layer in an efficient and scalable way that supports those modalities," said Tom Corn, SVP and GM, Security Products at VMware. "Aqua Security's in-depth visibility and control in containerized applications offers customers a valuable extension and enhancement to VMware AppDefense that will enable security teams to secure applications at a more granular level, regardless of how they are deployed."

The combined Aqua Security and VMware security solution will be generally available in VMware's Q2 Fiscal 2019 ending on July 3, 2018.

Share this

Industry News

March 27, 2024

WaveMaker has updated its platform in response to customer demand for more sophisticated API and code management tools.

March 27, 2024

Vercara announced the launch of UltraAPI™, a product suite that protects APIs and web applications from malicious bots and fraudulent activity while ensuring regulatory compliance.

March 27, 2024

Legit Security announced the launch of its standalone enterprise secrets scanning product, which can detect, remediate, and prevent secrets exposure across the software development pipeline.

March 26, 2024

Progress announced a strategic partnership with Veeam® Software, the #1 leader by market share in Data Protection and Ransomware Recovery, to provide customers with an enterprise-ready cyber defense solution that strengthens the security of their business-critical data.

March 26, 2024

GitGuardian released its Software Composition Analysis (SCA) module.

March 26, 2024

DataStax announced a milestone in its journey to simplify enterprise retrieval-augmented generation (RAG) for developers by integrating with Microsoft Semantic Kernel.

March 25, 2024

Check Point® Software Technologies Ltd. is collaborating with NVIDIA to enhance the security of AI cloud infrastructure. Integrating NVIDIA BlueField DPUs, which feature a broad range of purpose-built, innovative security capabilities, the new Check Point AI Cloud Protect solution will help prevent threats at both the network and host levels.

March 25, 2024

Sentry announced the release of Autofix, an AI-powered feature to debug and fix code in minutes, saving important time and resources.

March 25, 2024

Apiiro announced a product integration and partnership with Secure Code Warrior, the agile developer security training platform, to extend its ASPM technology and processes to the people layer.

March 21, 2024

Progress announced that Progress® Semaphore™, its metadata management and semantic AI platform, was named a Champion in SoftwareReviews’ 2024 Metadata Management Emotional Footprint Awards.

March 21, 2024

The Cloud Native Computing Foundation® (CNCF®) has partnered with Udemy, an online skills marketplace and learning platform.

March 21, 2024

GitLab has acquired Oxeye, the provider of a cloud-native application security and risk management solution.

March 21, 2024

GitHub announced that code scanning autofix, powered by GitHub Copilot and CodeQL, is available in public beta for all GitHub Advanced Security (GHAS) customers.

March 21, 2024

NetApp is collaborating with NVIDIA to advance retrieval-augmented generation (RAG) for generative AI applications.

March 21, 2024

CalypsoAI launched the CalypsoAI Platform, an advanced SaaS-based security and enablement solution for generative AI applications within the enterprise.