Aqua Security выпустила платформу обеспечения безопасности облачных приложений Cloud Native Application Protection Platform
Aqua Security выпустила платформу обеспечения безопасности облачных приложений Cloud Native Application Protection Platform
Aqua Security выпустила платформу для обеспечения безопасности облачных приложений Cloud Native Application Protection Platform. Платформа безопасности облачных приложений защищает полностью весь стек, в любом облаке, на виртуальных машинах, в контейнерах и без серверов. Решение сканирует артефакты на наличие уязвимостей, вредоносных программ, секретных данных и других угроз во время разработки и конвейеризации. Aqua Security CNDR позволяет устанавливать гибкие динамические политики для управления развертыванием в средах выполнения.
Aqua announced the addition of a new, industry-leading detection and response capability to its Cloud Native Application Protection Platform (CNAPP), called Cloud Native Detection and Response (CNDR). CNDR uses real-time behavioral indicators from Aqua’s cyber research team, Nautilus, to identify zero-day attacks from low-level eBPF events surfaced by Aqua’s open source project Tracee. Combined with Aqua’s cloud workload protection platform (CWPP) controls, CNDR is the first solution that can detect and respond to attacks in runtime with minimal disruption to production.
CNDR provides key detection as part of Aqua’s broader CWPP controls
Gartner defines CWPP as a combination of scanning and runtime protection for cloud workloads.
Aqua’s CWPP capabilities involve a robust set of runtime controls for layered VM, container, and serverless workload protection. These controls act as layers for a defense-in-depth strategy to harden workloads before they are run, and then to respond quickly and in real time to attacks in progress in the production environment.
Some runtime controls act as an acceptance gate for a workload, defining what can and can’t run. Micro-segmentation policies determine acceptable traffic between nodes, clusters, and hosts, while Kubernetes assurance policies dictate the Kubernetes configurations that must be present (or that cannot be present) for a workload to be allowed to run.
Other runtime controls respond in real time to stop attacks in progress. For example, drift prevention maintains the immutability of containers in runtime; any behavior that was not intended as part of the behavior of a container in runtime will be prevented. Drift prevention takes advantage of the immutable properties of containers to stop the bad behavior without the necessity of knowing what’s causing it. Another example of a real-time response is vShield, which will prevent the ability to exploit any vulnerabilities that cannot be fixed.
It’s important to note that any CWPP—but especially those that protect container, Kubernetes, and serverless workloads—should provide protection while maintaining uptime and minimizing disruption in production.
