Aqua Security, the pioneer in cloud native security, today announced the launch of Real-Time CSPM, a next-gen cloud security posture management (CSPM) solution, offering the best visibility and context in the industry. Real-Time CSPM provides a complete view of multi-cloud security risk, pinpoints threats that evade agentless detection, and dramatically reduces noise so security practitioners can rapidly identify, prioritise, and remediate the most important cloud security risks, saving time and money.
“Customers have told us that they are bogged down by too much noise from current CSPM offerings,” said Amir Jerbi, CTO and co-founder, Aqua Security. “They receive too many findings yet lack complete visibility and therefore the ability to properly prioritise. Simply put, they fix the wrong things and end up compromised. This is where Aqua comes in. We are introducing Real-Time CSPM so security practitioners can pinpoint the most significant cloud risks and remediate them quickly.”
With Real-Time CSPM, teams have a complete view of cloud security risk and surface the most critical findings. This includes the ability to match correlated findings across multi-cloud environments, deduplicate findings and focus on identifying real cloud risks with smarter insights. Instead of wasting time on issues with low effective risk, customers can focus on what truly matters most and provide the context needed for resource owners to remediate quickly and secure their cloud applications.
“One of the world’s largest telcos turned to Aqua to provide better visibility and context. They went from 120M risk findings to 50k and they saw a reduction in their attack surface by 99% in just months. If everything is a priority, then nothing is – that’s why they chose Aqua,” said Jerbi.
Detailed context also allows teams to connect issues found in their cloud to their respective code repositories. With better prioritisation and the ability to identify risk ownership, Real-Time CSPM then allows for rapid remediation of those most critical issues. Security professionals can focus their limited resources to manage, investigate and respond faster.
Identify Attacks that Agentless Solutions Cannot See
Point-in-time scanning opens the door for increased attacks. According to the IDC report, “The State of Cybersecurity Maturity in Vulnerability Management Among U.S. Organisations,” 74% of organisations scan less than 85% of their IT assets when they do scan, leaving an opportunity for many vulnerabilities to go undiscovered until an attacker makes use of them. By then it is too late.
Aqua Real-Time CSPM eliminates that risk and delivers real-time visibility and risk prioritisation in a single, unified platform for faster, more effective risk management. Unlike point-in-time scanning solutions, Aqua Real-Time CSPM provides a deeper layer of visibility for better context, leading to the ability to prioritise the most critical cloud security risks.
“Other CSPM solutions give you a false sense of security. Whether you scan daily or monthly, you’re only seeing a portion of the risks with a point-in-time scan. And that’s not true security,” said Jerbi.
Further data from Aqua Nautilus, Aqua’s cloud security research team, supports the need for real-time scanning. Nautilus uses an extensive honeypot network to detect and analyse over 80,000 attacks a month. Of those attacks, one in three do not leave a footprint and would be missed by point-in-time scanning solutions. Similarly, zero-day attacks are missed, whilst other standard operating procedures like ephemeral containers and transient attacks raise that number to 50%.
Real-Time CSPM is part of the Aqua Cloud Security Platform, a cloud native application protection platform (CNAPP). The Aqua Platform is comprised of a fully integrated set of security and compliance capabilities to discover, prioritise, and eliminate risk in minutes across the full software development life cycle. Aqua improves operational efficiency by connecting cloud to dev and tracing runtime risks to the code and developer who can fix them. By connecting CSPM to runtime, it shields risks that cannot be immediately addressed with a code fix.