Aqua Security, which helps secures container-based and cloud-native applications, has launched new compliance features.
The company announced the availability of advanced compliance features as an enhancement to Aqua 3.0, which it announced last month.
Its new compliance-focused features claims to take the hassle out of ensuring compliance with key requirements according to PCI-DSS, HIPAA, GDPR, CIS and NIST guidelines. The features aim to make it easier for organisations that develop and run containers to meet governance, risk and compliance requirements.
“As our customers deploy an increasing number of applications using cloud-native technologies and architecture, the need to adapt compliance controls is apparent,” notes Amir Jerbi, CTO and co-founder of Aqua Security. “With Aqua’s advanced compliance controls and reports, we make it easier for organizations to maintain compliance and satisfy regulatory requirements.”
Its new features means Aqua now performs scheduled scans of hosts running containers, to find both known vulnerabilities as well as malware, allowing organisations to avoid using separate tools for scanning hosts and container images.
Aqua also now scans container images for the presence and type of open-source licenses, whether as part of the build in CI (continuous integration) tools or in image registries.
Using Aqua’s custom compliance checks feature, admins can also now scan for PII and other sensitive data using their own scripts, such as social security numbers or credit card numbers. Aqua’s Image Assurance policy can be set to block images where such secrets were found from running.
The Center for Internet Security, of which Aqua is a SecureSuite member, has issued detailed benchmarks that list several hundred checks to ensure that Kubernetes nodes and Docker hosts are adequately secured. Aqua now provides automated scheduled checks for both benchmarks, as well as detailed reports that show the status of the environment of each test.
Aqua’s platform is currently in use by dozens of Global 1000 customers. The company enables enterprises to secure their container and cloud-native applications from development to production, accelerating application deployment and bridging the gap between DevOps and IT security.
Its Container Security Platform provides full visibility into container activity, allowing organisations to detect and prevent suspicious activity and attacks in real time. Integrated with container lifecycle and orchestration tools, the Aqua platform provides transparent, automated security while helping to enforce policy and simplify regulatory compliance. Aqua was founded in 2015 and is backed by Lightspeed Venture Partners, Microsoft Ventures, TLV Partners, and IT security leaders
Copyright © 2018 RegTech Analyst
