Security
New release of Aqua security platform includes secrets management
Friday, February 3, 2017
|
Austin Harris |
Aqua Security, a platform provider for securing containerized applications, has announced the release of version 2.0 of its Container Security Platform (CSP). A major requirement for securing containerized applications is ensuring that containers can only communicate within their permitted network segment, limiting the “blast radius” in case of an attack. The challenge is to do so without hindering the container’s ability to perform legitimate application functions that require communication within the host or across hosts, on-premises or in the cloud.
“Traditional host-based security agents don't understand containers and lack the context to enforce different policies on different containers in the same host.” notes Neil MacDonald, VP Distinguished Analyst at Gartner Research, “Depending on the network architecture used, container-to-container traffic within a physical host may not be visible to external network firewalls and intrusion detection and prevention systems.”
Version 2.0 of the Aqua CSP automates the creation of network nano-segments that limit container network connectivity based on the application context and needs, regardless of physical location, IP address or other network properties.
- Automatic discovery of containerized application network topology
- Automated creation of network nano-segments based on the container’s activity
- Context based container firewall that allows service-oriented rules
- Detection or prevention mode, allowing to either alert on or prevent unauthorized network connections.
- Central visibility and control over container secrets from the Aqua Management Console.
- HashiCorp Vault and Atlassian Jira integration
- Vulnerability scanning on a large scale
“Traditional host-based security agents don't understand containers and lack the context to enforce different policies on different containers in the same host.” notes Neil MacDonald, VP Distinguished Analyst at Gartner Research, “Depending on the network architecture used, container-to-container traffic within a physical host may not be visible to external network firewalls and intrusion detection and prevention systems.”
Version 2.0 of the Aqua CSP automates the creation of network nano-segments that limit container network connectivity based on the application context and needs, regardless of physical location, IP address or other network properties.
Key features include:
- Automatic discovery of containerized application network topology
- Automated creation of network nano-segments based on the container’s activity
- Context based container firewall that allows service-oriented rules
- Detection or prevention mode, allowing to either alert on or prevent unauthorized network connections.
- Central visibility and control over container secrets from the Aqua Management Console.
- HashiCorp Vault and Atlassian Jira integration
- Vulnerability scanning on a large scale
Become a subscriber of App Developer Magazine for just $5.99 a month and take advantage of all these perks.
MEMBERS GET ACCESS TO
- - Exclusive content from leaders in the industry
- - Q&A articles from industry leaders
- - Tips and tricks from the most successful developers weekly
- - Monthly issues, including all 90+ back-issues since 2012
- - Event discounts and early-bird signups
- - Gain insight from top achievers in the app store
- - Learn what tools to use, what SDK's to use, and more
Subscribe here
