The increasingly complex mix of cloud environments that businesses run gives attackers more ways into corporate networks, and cloud-native security vendors are scrambling to shore up the weak spots. Two of those — Aqua Security and Twistlock — announced updates to their security platforms this week.
Aqua has added two main elements in its 4.0 release. The first is what the company calls “a full chain of controls” for serverless functions across any number of clouds: the platform scans functions for vulnerabilities, excessive permissions and configuration issues, and blocks execution of functions that violate policy or are otherwise judged dangerous. The release also adds continuous integration/continuous delivery (CI/CD) plug-ins, sensitive data assessment, functions assurance and functions anomaly detection.
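To make the “excessive permissions” part of that scan concrete, here is an added illustration of the kind of check such a scanner performs on the IAM policy attached to a function. This is example code written for this page, not Aqua’s scanner or any product’s code: it walks the policy document, skips Deny statements, and reports Allow statements that use wildcard actions, wildcard resources, NotAction, or a small set of high-impact actions. The two policy documents are constructed for the example, and the HIGH_RISK_ACTIONS set is an assumption for illustration rather than any published standard.

```python
import json

# Assumption for this example: actions that warrant a finding even when they
# are scoped to a specific resource, because they let a function widen its
# own privileges or act as another principal.
HIGH_RISK_ACTIONS = {"iam:PassRole", "sts:AssumeRole", "iam:CreatePolicyVersion"}


def _as_list(value):
    """IAM accepts a string or a list for Action/Resource; normalise to a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def find_excessive_permissions(policy_json):
    """Return (statement_index, kind, value) findings for Allow statements that
    grant more than a single function should need."""
    policy = json.loads(policy_json)
    findings = []
    for idx, stmt in enumerate(_as_list(policy.get("Statement"))):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements only narrow access; nothing to flag
        if "NotAction" in stmt:
            # "everything except X" is almost always broader than intended
            findings.append((idx, "not-action", stmt["NotAction"]))
        for action in _as_list(stmt.get("Action")):
            if action == "*" or action.endswith(":*"):
                findings.append((idx, "wildcard-action", action))
            elif action in HIGH_RISK_ACTIONS:
                findings.append((idx, "high-risk-action", action))
        for resource in _as_list(stmt.get("Resource")):
            if resource == "*":
                findings.append((idx, "wildcard-resource", resource))
    return findings


def is_least_privilege(policy_json):
    """True when the static check produces no findings."""
    return not find_excessive_permissions(policy_json)


# Constructed policies for the example: a typical over-broad function role,
# and the scoped equivalent that lets the function do the same job.
OVERBROAD_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": "s3:*", "Resource": "*"},
        {"Effect": "Allow",
         "Action": ["logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents"],
         "Resource": "arn:aws:logs:us-east-1:123456789012:*"},
        {"Effect": "Allow", "Action": "iam:PassRole",
         "Resource": "arn:aws:iam::123456789012:role/*"},
        {"Effect": "Deny", "Action": "*", "Resource": "*"},
    ],
})

SCOPED_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": ["s3:GetObject"],
         "Resource": "arn:aws:s3:::orders-bucket/incoming/*"},
        {"Effect": "Allow",
         "Action": ["logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents"],
         "Resource": "arn:aws:logs:us-east-1:123456789012:*"},
    ],
})

if __name__ == "__main__":
    for name, doc in (("over-broad", OVERBROAD_POLICY), ("scoped", SCOPED_POLICY)):
        print(f"{name}: least privilege = {is_least_privilege(doc)}")
        for idx, kind, value in find_excessive_permissions(doc):
            print(f"  statement {idx}: {kind} {value}")
```

The check is purely static: it tells you a grant is broader than a single function normally needs, not whether the function actually uses it. A full scanner would pair this with observed API calls from the function’s runtime or access logs so that unused but scoped actions can be trimmed as well.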
The second new element in Aqua 4.0 is a set of tighter controls for the Linux hosts that run containers. The goal is more comprehensive protection both across the application lifecycle and up and down the stack.
Aqua Security Vice President of Marketing Rani Osnat told SDxCentral that the abilities to stop untrusted functions from being deployed, to monitor user activity on hosts and to customize the CIS benchmarks to account for widely used “special cases” such as Red Hat OpenShift are the most important new functions.
“With several attack vectors and severe vulnerability disclosures that were made over the past 18 months, around Docker, Kubernetes, runc, and the Linux OSs that are usually used to run containers, it’s clear that no single security countermeasure — such as vulnerability scanning, OS hardening, activity monitoring, network segmentation, etc. — is effective to handle the complexity of securing the cloud native stack,” Osnat wrote in an email. “Only a full lifecycle, full stack solution like Aqua can provide protections against a variety of threats.”
Twistlock told SDxCentral that the cloud native network firewall for hosts, host file integrity monitoring, and host forensics are the three most important features premiering in version 19.03 of its platform. The company describes the product as a comprehensive cloud native security platform that works across hosts, containers and serverless environments, and that is itself cloud native and API-enabled.
Version 19.03 also extends cloud compliance checks to cover all native cloud services for Microsoft Azure and Google Cloud. An assigned collections feature lets each user be granted only the least privilege that individual needs, and the RASP Defender adds runtime defense for services that run Docker images without using Docker or OCI runtimes (such as Pivotal PAS).