Aqua Security CNAPP is first to combine frictionless cloud workload visibility with active protection across the application lifecycle


Security teams can choose from out-of-the-box workload visibility and real-time response according to risk tolerance and maturity


LONDON – February 3, 2022 – Aqua Security, the pure-play cloud native security leader, today announced the addition of key features to its Cloud Native Application Protection Platform (CNAPP), helping time-strapped Security, DevOps and IT practitioners to assess their cloud native security risk in minutes and respond to attacks in real-time – making Aqua the only pureplay platform with both capabilities. Starting from the new automated, continuously updated asset inventory, practitioners can choose whether a quick assessment of workload risk is enough, or if they also want to actively protect those workloads from attacks in runtime. They can also choose whether they want to combine those controls with best practice, ‘shift-left’ policies to prevent issues from reaching production. Altogether, the Aqua Platform detects and prioritises risks from code to runtime, and reduces the blind spots introduced by multiple vendors and partial solutions across the application lifecycle.


Many cloud native teams work with a varying number of applications that have access to sensitive customer data. Short-staffed security teams need to efficiently detect and follow-up on risks across the application portfolio. The option of a rapid risk assessment for running workloads in minutes sets the stage for better prioritisation of limited resources to the highest risk for the business. Even large security teams want the ability to optimise costs and resources across passive and active security measures, putting active security measures where protection matters most.

“For Security teams, having active, preventative shift-left and runtime controls protecting their cloud native applications is a non-negotiable requirement,” said Amir Jerbi, CTO and co-founder, Aqua Security. “Their customers and compliance regulators both require active protection across the lifecycle. But security teams are also short-staffed and in need of tools that reduce noise, allowing them to focus on the top risks first. With this release, customers get the best of both worlds: a prioritised view of risk to meet them where they are today, so that we can protect them tomorrow.”

For most customers, the prospect of a unified platform for visibility, prevention and response means saving time through consolidation of vendors and one source of truth. But it can also mean taking the first step on the journey to active runtime controls and better protection for the most sensitive workloads. Most customers and practitioners start a cloud native security journey by implementing shift-left security testing and preventive controls while also gaining visibility into risks and artifact inventories across registries and cloud accounts. Next, practitioners aim for visibility and monitoring in runtime to gain a quick view of risk as well as learn the impact of policies on runtime environments. After learning and measuring, customers start to enforce runtime policies in production. Being able to move along this journey with the same vendor allows teams to speed the process, using one source of truth and standardisation of response across environments. 

Combined with Aqua’s recent, industry-first cloud native detection and response (CNDR) offering, the new capabilities also mean customers gain access to the broadest risk prioritisation capabilities available across the full application lifecycle. The view of risk prioritisation is automated and out of the box, applying to both potential risk to running workloads as well as actual anomalous behaviour observed in runtime.


“We have observed that customers’ top concerns are not only having a unified platform, but also gaining visibility and understanding of how to prioritise risk across the multitude of alerts and tools in their environments,” said Ehud Amiri, VP Product Management, Aqua Security. “They come to Aqua to take advantage of the risk prioritisation made possible by the context available across the full lifecycle of their applications. We are dedicated to helping customers achieve the kind of risk prioritisation that they could only get through a pureplay, full lifecycle application protection platform.”


New features of Aqua’s CNAPP include:

  • Continuous Asset Discovery brings order to the wealth of cloud native artifacts and assets in minutes. The Aqua platform continuously monitors cloud accounts for new resources; once discovered they are classified and evaluated through a set of security checks.

  • Asset Inventory catalogues all K8s clusters, containers, functions, VMs, registries and other cloud resources, with key security information about vulnerabilities, misconfigurations, sensitive data and malware. The Inventory’s flexible search engine can search and filter based on asset category, risk type or severity.

  • Cloud workload scanning searches for vulnerabilities, malware, secrets and more in running workloads. Prioritised results are delivered in as little as minutes.

  • Cloud Security Insights leverages a graph database to detail a compound risk analysis highlighting the top risks relevant for any application.


For more information, please visit the Aqua blog


About Aqua Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and accelerate their digital transformations. The Aqua Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the supply chain, secure cloud infrastructure and secure running workloads, wherever they are deployed. Aqua customers are among the world’s largest enterprises in financial services, software, media, manufacturing and retail, with implementations across a broad range of cloud providers and modern technology stacks spanning containers, serverless functions and cloud VMs. For more information, visit or follow us on


No posts to display