What does it mean to be an innovator? Is it someone whose face and company are known? Whose product is the most popular? Who has the coolest ads or the most social media likes? According to the Oxford dictionary, an innovator is someone who introduces change and new ideas. At Aqua we have always thought of ourselves as innovators in cloud native security. Seeing GigaOm name us as the Platform leader in innovation in their Radar Report for Cloud Security Posture Management (CSPM) last week validates this.
Innovators innovate — that is, they create new ideas, new ways of doing things. In the world of CSPM there are many innovators offering innovative tools. While some of these statements may be true, the questions we ask are: is it new, is it truly innovative impacting the way a process is completed, how a tool is used or how, in the case of CSPM, can a threat be both seen and stopped?
CSPM Innovation: A Necessity Redefined
CSPM solutions have been an entry point for many businesses looking to provide some security around their cloud native environments. Initial versions of CSPM focused around finding configuration issues across multiple cloud providers and quickly developed to address basic cloud security posture and compliance needs. The introduction of agentless scanning attempted to close this gap by adding visibility into vulnerabilities in running workloads (something that many mistake for constitute workload protection), but it carries significant limitations. We have said it multiple times in multiple blogs, agentless is not enough, and an agentless-only approach is fundamentally flawed
CSPM solutions that rely on agentless scanning for added visibility give a false sense of security and lead to blind spots, because they only take a snapshot of what is happening in your environment at the time that snapshot is taken. They fail to monitor ephemeral workloads that ran and then stopped before the scan, and they miss active code execution, overlooking the entry and exit of code fragments not covered by snapshots. Moreover, as sophisticated fileless malware gains ground, agentless solutions falter in detecting in-memory activities from static disk images.
Numerous companies in the report occupy the mature platform quadrant, having garnered industry recognition for maturity. However, maturity does not epitomize innovation. In the world of security things are constantly changing and threat actors are adapting techniques that bypass the tools and services used today. If you are not innovating a tool that is meant for security, you are not gaining true security.
Pioneering Real-Time CSPM: Solving for real-world environments with real threats
The report GigaOm highlights the evolving cloud security landscape and that threats have become more complex. The findings in the Aqua Nautilus 2023 threat report confirmed this with the discovery that there was a 1400% increase in the number of fileless or memory-based attacks with more than 50% of the attacks focused on defense evasion. These attacks included masquerading techniques, such as files executed from /tmp, and obfuscated files or information, such as dynamic loading of code. It is for this reason, the complexity of cloud environments, the need for complete visibility, contextual prioritization and quick remediation, which is only available from the next generation of CSPM – Aqua Real-Time CSPM
“This is a comprehensive cloud security solution with a highly capable workload-scanning feature set. Its remediation capability, which leverages LLM technology, is an excellent combination of useful and novel capabilities.”
– GigOm Radar for Cloud Security Posture Management (CSPM)
Aqua’s Real-Time CSPM solution helps you to see more with context so you can get to remediation faster. It combines agentless and in workload scanning to detect risks accurately and catch threats that other solutions miss such as memory-based attacks, unknown malware, and zero-days.
With Aqua’s context based CSPM solution and new remediation guidance feature. Empowered by context-driven CSPM and AI-guided remediation, a bespoke large language model (LLM) delivers precise instructions tailored to each client.
This offers overburdened or undertrained security teams valuable insights and expertise. A holistic view determines risk posture, with contextual insights driving swift remediation across cloud-native environments, down to specific code segments.
The report lauds Aqua’s Real-Time CSPM as comprehensive, scrutinizing security issues within public cloud services, containerized workloads, and serverless functions alike. Additionally, being named in the Platform category – because we offer more than just CSPM.
Highlights from the GigaOm Radar report
GigaOm’s Radar report spotlights key CSPM vendors, arming IT decision-makers with insights for optimal alignment with business and use-case demands. Aqua’s placement in the Innovation/Platform quadrant reflects our “innovative approach to security, simplified licensing, and broadly applicability”.
The report points to our RT-CSPM solution being “comprehensive” in that it “not only identifies security issues in the public cloud service itself, but it can also analyze workloads running inside of containers or serverless functions.”
To present risk data to users, Aqua dynamically visualizes how risks from configuration, access, code and running workloads combine in both Kubernetes environments as well as public cloud environments. In fact, Aqua is one of the only CNAPP solutions that provides true Kubernetes Security Posture Management (KSPM). Aqua KSPM is a key component of our overall Kubernetes security solution, providing a complete methodology for the continuous security and compliance posture of your Kubernetes infrastructure.
CSPM: A Gateway to Comprehensive Cloud Native Application Protection
“Aqua’s acquisition of Argon in 2021 fortified our CSPM’s ability to analyze upstream software risks and integrate into continuous integration/continuous delivery (CI/CD) pipelines. This conveys a unified risk view throughout the CSPM solution.”
Our cloud native application protection platform (CNAPP) delivers a security solution encompassing shift-left scanning, expansive visibility, and robust runtime controls for attack interception. Real-Time CSPM serves as a steppingstone toward comprehensive cloud native application protection. By merging agentless and in-workload visibility, it delivers real-time, prioritized insights into cloud security risk. Our integrated, holistic CNAPP solution distinguishes itself in that it does not come from disparate parts, but from the integrated whole. This is why innovation is everything.
Building a mature cloud security program is a journey. Organizations should begin on this path with strong robust CSPM, which becomes a starting point for expanding later to a full lifecycle CNAPP. To download the full report visit aquasec.com/gigaom-radar