Aqua Security, pioneer in cloud native security, has been named as a representative vendor in Gartner’s new market guide for cloud-native application protection platforms (CNAPP).
The report examines the extensive CNAPP market and its growth potential, and it names representative vendors.
Gartner describes CNAPPs as ‘offerings that bring together multiple disparate security and protection capabilities into a single platform, focused on identifying and prioritising excessive risk of the entire cloud-native application and its associated infrastructure.’
According to Gartner: “As organisations shift to a CNAPP-based approach, the synergy of an integrated platform will provide more benefits than a best-of-breed strategy that is difficult to scale.”
“We believe the Gartner analysis of the market is similar to our approach and vision for Aqua,” said Amir Jerbi, CTO and Co-founder of Aqua Security. “We feel its emphasis on the benefits of using a vendor that provides an integrated platform further demonstrates that Aqua is on the cutting edge, leading the industry for cloud native security solutions.”
Gartner emphasises that security leaders responsible for cloud security strategies should: “Favour CNAPP vendors that provide a variety of runtime visibility techniques, including traditional agents, Extended Berkeley Packet Filter (eBPF) support, snapshotting, privileged containers and Kubernetes (K8s) integration to provide the most flexibility at deployment.”
In addition, Gartner states: “Agentless workload scanning has become a popular approach and an expected core CNAPP capability, although in-workload approaches provide the best protection.”
Aqua’s runtime security solution was developed organically by Aqua and is integral to the Aqua CNAPP. The Aqua Platform was the first CNAPP to combine active protection with agentless workload visibility.
Based on eBPF technology, Aqua’s Lightning agent is faster, lighter and easier to manage at scale than the agents of yesterday. It complements Aqua’s agentless cloud workload scanning to provide easy, comprehensive visibility while delivering real-time, granular runtime detection and protection.
Regarding software supply chain security, Gartner states that the attack surface of cloud-native applications is increasing, and attackers are targeting the software supply chain itself. According to Gartner, “Over time, these types of capabilities will be incorporated by larger CNAPP offerings.”
Aqua is ahead of the curve and has already integrated end-to-end software supply chain security into the Aqua Platform.
Gartner recommends that security leaders should ‘Reduce complexity and improve the developer experience by choosing integrated CNAPP offerings that provide complete life cycle visibility and protection of cloud-native applications across development and staging and into runtime operation.’
“From day one, our vision at Aqua has been crystal clear: to deliver a single end-to-end security solution for the entire cloud native application lifecycle in one holistic platform”, adds Jerbi. “We’ve always believed that to be a true CNAPP, a solution must include both shift-left scanning, broad visibility, and crucially strong runtime controls that can detect a
