Full Lifecycle Security for Azure Container Workloads
The Aqua platform works seamlessly on Azure Container Service, integrating with Azure Container Registry (ACR), Azure Container Instances (ACI), and on both Docker and Windows container formats. In addition, Aqua provides a native plug-in for Azure DevOps (formerly VSTS), enabling developers to automate security testing into their CI/CD pipeline.
Aqua's Cloud Native Security Platform provides full visibility into container activity, allowing organizations to detect and prevent suspicious activity and attacks, providing transparent, automated security while helping to enforce policy and simplify regulatory compliance.
Using Aqua’s Cloud Native Security Platform, you can:
- Scan your images for vulnerabilities and bad configurations to enforce their integrity across the application lifecycle.
- Provide zero-configuration security for AKS deployments from development to production, enforcing consistent security policy and least privileges principle across the board.
- Aqua MicroEnforcer injects security controls into containers, making it possible to monitor and enforce policy in this serverless environments.
- Assess the risk of Azure Functions by discovering vulnerabilities and sensitive data in function’s code and its environment variables. Prevent execution of functions that violate your organization’s security policy.
- Deliver, rotate or revoke the right secrets to the right containers in runtime, while safeguarding them from unauthorized access.
- Apply advanced threat detection and mitigation to your container workloads through container activity controls, network segmentation and host integrity controls.
- Gain real-time visibility and control over the compliance posture of your images to enforce regulatory compliance controls for PCI, HIPAA, GDPR, and beyond, across the cloud-native application lifecycle.
Aqua Security enables enterprises to secure their virtual container environments from development to production, accelerating container adoption and bridging the gap between DevOps and IT security.