Listing Thumbnail

    Aqua Cloud Native Application Protection Platform

     Info
    Deployed on AWS
    Vendor Insights
    Aqua secures every cloud native application on AWS across the entire lifecycle. Protect containers, serverless, Kubernetes, and AI workloads to accelerate innovation and scale securely. Prevent attacks and reduce risk with security enforced from code to cloud to prompt
    4.2

    Overview

    Play video

    Aqua secures every cloud native application everywhere, including AI. The Aqua Platform (CNAPP) delivers full lifecycle security from development to production, enabling organizations to build faster and innovate with confidence. FedRAMP High Authorized, Aqua helps enterprises meet the most rigorous security and compliance standards. By embedding security across the software development lifecycle, Aqua reduces risk and accelerates digital transformation on AWS. Get a Demo: https://www.aquasec.com/demo/ 

    Highlights

    • Unified platform to secure every cloud native application, including containers, serverless, Kubernetes, and AI workloads across AWS, on-premises, and multi-cloud environments
    • Runtime protection to detect threats, block malicious activity, and enforce compliance in production across all cloud native workloads
    • Purpose-built AI workload security to govern LLMs and generative AI applications, detect model abuse, and enforce policy

    Details

    Delivery method

    Deployed on AWS
    New

    Introducing multi-product solutions

    You can now purchase comprehensive solutions tailored to use cases and industries.

    Multi-product solutions

    Features and programs

    Vendor Insights

     Info
    Skip the manual risk assessment. Get verified and regularly updated security info on this product with Vendor Insights.
    Security credentials achieved
    (4)

    Buyer guide

    Gain valuable insights from real users who purchased this product, powered by PeerSpot.
    Buyer guide

    Financing for AWS Marketplace purchases

    AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
    Financing for AWS Marketplace purchases

    Pricing

    Aqua Cloud Native Application Protection Platform

     Info
    Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
    Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator  to estimate your infrastructure costs.

    12-month contract (3)

     Info
    Dimension
    Description
    Cost/12 months
    Aqua Platform Shift Left
    Standard Plan
    $50,000.00
    Aqua Platform Protect
    Advanced Plan
    $100,000.00
    Aqua Platform Ultimate
    Ultimate Plan
    $150,000.00

    Vendor refund policy

    All software, maintenance and support are provided subject to the terms and conditions of the Aqua Security Inc. License Agreement.

    Custom pricing options

    Request a private offer to receive a custom quote.

    How can we make this page better?

    Tell us how we can improve this page, or report an issue with this product.
    Tell us how we can improve this page, or report an issue with this product.

    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information

     Info

    Delivery details

    Software as a Service (SaaS)

    SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.

    Support

    Vendor support

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

    Product comparison

     Info
    Updated weekly

    Accolades

     Info
    Top
    10
    In Container Workloads
    Top
    10
    In Monitoring, Application Development
    Top
    25
    In Observability, Software Development

    Customer reviews

     Info
    Sentiment is AI generated from actual customer reviews on AWS and G2
    Reviews
    Functionality
    Ease of use
    Customer service
    Cost effectiveness
    Positive reviews
    Mixed reviews
    Negative reviews

    Overview

     Info
    AI generated from product descriptions
    Multi-Workload Security Coverage
    Unified platform securing containers, serverless, Kubernetes, and AI workloads across AWS, on-premises, and multi-cloud environments
    Runtime Threat Detection and Enforcement
    Runtime protection to detect threats, block malicious activity, and enforce compliance in production across all cloud native workloads
    AI and LLM Security Governance
    Purpose-built AI workload security to govern large language models and generative AI applications with model abuse detection and policy enforcement
    Full Lifecycle Security
    Security coverage across the entire software development lifecycle from code development through production deployment
    Compliance and Authorization Standards
    FedRAMP High authorization enabling compliance with rigorous security and regulatory standards
    Agentless Cloud Security Architecture
    Agentless-first approach using patented SideScanning technology that provides deep visibility into cloud environments without requiring agent deployment
    Risk Prioritization and Attack Path Analysis
    Granular risk scoring applied to each alert with capability to identify and correlate seemingly unrelated issues into dangerous attack paths
    Unified Cloud Security Platform
    Single platform consolidating multiple security functions including CSPM, CWPP, CIEM, DSPM, Container security, and API security
    CI/CD Integration for Application Security
    Seamless integration into CI/CD process to secure applications from code to cloud deployment
    AI-Powered Investigation and Remediation
    Generative AI capabilities for simplified security investigations and accelerated remediation workflows
    Offensive Security Engine
    Simulates external exploits to produce Verified Exploit Paths for prioritizing exposures that are reachable by outside attackers and reducing cloud attack surface.
    Cloud Security Posture Management
    Continuously monitors and manages security of AWS configurations to prevent public exposure and ensure compliance.
    Secrets Scanning
    Identifies more than 750 types of secrets across public and private repositories.
    Cloud Infrastructure Entitlements Management
    Detects and manages excessive or unused permissions to mitigate the risk of privilege escalation.
    Real-Time Malware Detection
    Detects malware including zero-days in milliseconds with scanning performed directly in cloud environment for object storage services like Amazon S3 and file storage services.

    Security credentials

     Info
    Validated by AWS Marketplace
    FedRAMP
    GDPR
    HIPAA
    ISO/IEC 27001
    PCI DSS
    SOC 2 Type 2
    -
    -
    -
    -
    -
    -
    -
    -
    No security profile

    Contract

     Info
    Standard contract
    No
    No
    No

    Customer reviews

    Ratings and reviews

     Info
    4.2
    65 ratings
    5 star
    4 star
    3 star
    2 star
    1 star
    54%
    35%
    8%
    3%
    0%
    6 AWS reviews
    |
    59 external reviews
    External reviews are from G2  and PeerSpot .
    reviewer2536323

    Unified cloud-native security has improved compliance and now needs simpler deployment and AI insight

    Reviewed on Jul 04, 2026
    Review from a verified AWS customer

    What is our primary use case?

    I used Aqua Cloud Security Platform  for container image scanning, runtime threat detection, infrastructure as code scanning, and software supply chain security.

    I used it for container image scanning registries for our Azure  cloud environment and AWS  ECR as well. So it was for Azure Container Registry  scanning and Amazon ECR  scanning.

    For Kubernetes  security, I think it is a good feature, including RBAC analysis, privileged containers, host path detection, and pod security. And on the CSPM side as well.

    Mostly, I used it for container scanning and our CI/CD pipeline scanning. So mostly, on the CSPM side.

    We deployed it in a hybrid environment. We also have both AWS  cloud and Azure  cloud. So it is a hybrid deployment.

    What is most valuable?

    The best features I can identify are container image scanning, Kubernetes  security, runtime protection, CSPM, infrastructure as code security, and supply chain security as well.

    Not specifically cost saving, but from the security side, we completed our compliance standards, and in our CI/CD pipeline, we set up our security gates between the planning, build, and code phases.

    What needs improvement?

    I think Aqua Cloud Security Platform  has a good, strong platform, but there are still other areas. For example, if we compare it with Prisma Cloud or Wiz , I can see that with the initial deployment, in the deployment phase, they need to create a more user-friendly interface. Also, the cloud context visualization is an area for improvement. Aqua Cloud Security Platform is focusing heavily on workloads and runtime security, but it offers less intuitive visualization of cloud relationships compared to Wiz  and Prisma Cloud.

    I think for the licensing part and AI-driven prioritization, this needs improvement. While Aqua Cloud Security Platform prioritizes findings using CVSS and policy context, if we compare it with Wiz and Prisma Cloud, they are increasingly using AI-driven risk scoring that incorporates exploitability, identity exposure, internet reachability, and business context.

    Regarding AI-driven activities, I think there is still a need for them to think about, or implement, or enhance their LLM models so they can prioritize the CVSS or policy context scoring based on AI-driven methodologies.

    I think the licensing complexity and agent dependency are areas for improvement. Many runtime protection capabilities rely on deploying Aqua enforcers and Aqua agents. So, organizations that prefer completely agentless security for operational simplicity may find this less attractive than platforms like Wiz or Orca Security , which emphasize agentless assessment for many use cases. Also, the licensing can become difficult to estimate for large environments with many clusters, workloads, and cloud accounts, making cost forecasting less straightforward than for some competitors.

    For how long have I used the solution?

    I used Aqua Cloud Security Platform in my previous job for around three years.

    What do I think about the stability of the solution?

    Aqua Cloud Security Platform is stable as of now.

    What do I think about the scalability of the solution?

    Platform scalability is fantastic and its enterprise solution is really amazing.

    How are customer service and support?

    Customer support is acceptable. Sometimes we receive a complaint from our L3 or L2 engineers that they are not getting proper on-time support, but overall, it is acceptable.

    Which solution did I use previously and why did I switch?

    Previously, we were using multiple tools for scanning: container image scanning, Kubernetes security, runtime security, CSPM and on the IAC side. We were using multiple scanning tools for that. Then we found one single solution, which is Aqua Cloud Security Platform. So it really added value for our organization.

    We were previously using a lot of open-source tools. Open-source tools have their limitations and there is no vendor support. Then we did a lot of analysis with multiple paid solutions and came to know that Aqua Cloud Security Platform is the best from our environment's perspective.

    How was the initial setup?

    The main trend is for deployment complexity, so we still have to use multiple resources for that. But after deploying it in the CI/CD pipeline, it enhances our CI/CD or automation capability for the organization. So the DevSecOps  capacity or DevSecOps  integration is good. And the supply chain security is also fantastic. Container security, Kubernetes security, runtime protection, everything is fantastic.

    What's my experience with pricing, setup cost, and licensing?

    I think the licensing part and the cost part are as per the market standard, but it again depends on your budget and what services you are looking for. So, overall, it is good. Not too high, not too low. It is easy for organizations.

    Which other solutions did I evaluate?

    We went through Wiz, Prisma, and Orca  as well.

    What other advice do I have?

    My advice would be that if someone is looking for runtime protection, Kubernetes security, container security, IAC security, and supply chain security for their organization, then I think Aqua Cloud Security Platform is fantastic. But if they are looking for agentless assessment, attack path analysis, and ease of deployment, then they can look at other vendors. I would rate this product seven out of ten.

    DeepakReddy

    Cloud-native security has unified container protection and now automates vulnerability checks

    Reviewed on Jun 27, 2026
    Review from a verified AWS customer

    What is our primary use case?

    Aqua Cloud Security Platform  secures our containers, Kubernetes  clusters, and container images. We regularly run container image scanning, SAST  scans, and vulnerability management and software supply chain security scans. We also use it for secret detection, rotation of secret keys, and compliance monitoring.

    Aqua helps with secret detection by scanning our GitHub  or GitLab  repositories to check whether there are any passwords or sensitive data present. If it detects them, we remove them or take action around them.

    How has it helped my organization?

    Aqua Cloud Security Platform  has positively impacted our organization by improving our tooling usage.

    It has positively impacted us by reducing twenty to thirty percent of our manual vulnerability checks.

    We see a return on investment in terms of time saved, with around twenty-five to thirty percent of our time saved as we no longer need to search for vulnerabilities manually. We can now see all vulnerabilities on one dashboard.

    What is most valuable?

    Aqua Cloud Security Platform is perfect for us because it has container image scanning, real-time protection, Kubernetes  security, and inbuilt cloud security. It is an all-in-one tool.

    The best feature of Aqua Cloud Security Platform is the Kubernetes security, which secures admission controllers, runtime policies, namespace protection, and RBAC and pod security. It helps manage all these aspects effectively with this cloud-native security tool.

    We use admission controllers, and this Aqua cloud-native solution has inbuilt admission controllers and Kubernetes operators that help secure our Kubernetes pods, deployments, and services. This is particularly beneficial for us, especially because other solutions operating in the same space do not match the accuracy and operational capability. The scans and benchmarking are also very good.

    Other notable features I found in Aqua Cloud Security Platform include multiple integrations with tools such as Docker , AWS , Azure , Google Cloud , GitHub , GitLab , Jenkins , Azure DevOps , Bitbucket , Terraform , and Jfrog. There are hundreds of integrations available. It also has multiple deployment options such as hybrid cloud, multi-cloud, or on-premise, and includes SAST  with all security tooling inbuilt, making it a comprehensive tool.

    The dashboard shows all the important information we were missing in our previous tool.

    What needs improvement?

    Improvements could be made to Aqua Cloud Security Platform.

    I am considering some specific features that Aqua could include for better functionality.

    The UI needs some improvement as it is somewhat overwhelming, and the licensing can be expensive at scale. The AI output of Aqua Cloud Security Platform is good, but I believe it can be improved. We received alerts about vulnerabilities in our dashboard, particularly related to a database call issue. The AI identified a problem with a Postgres snapshot, which turned out to be accurate, but it could be enhanced by including specific details about what has gone wrong.

    For how long have I used the solution?

    I have been using Aqua Cloud Security Platform for around a year.

    What do I think about the stability of the solution?

    Aqua Cloud Security Platform is stable based on my experience.

    What do I think about the scalability of the solution?

    It can handle increasing workloads easily.

    How are customer service and support?

    The customer support has been responsive and knowledgeable, especially regarding deployment questions and policy tuning.

    Which solution did I use previously and why did I switch?

    We previously used a security tool built into our company, which had many issues, mainly only supporting AWS  and Docker , without Kubernetes or other cloud providers. That is why we switched to Aqua Cloud Security Platform, an all-in-one solution.

    How was the initial setup?

    We purchased Aqua Cloud Security Platform from the AWS Marketplace .

    What's my experience with pricing, setup cost, and licensing?

    My experience with Aqua Cloud Security Platform's pricing, setup cost, and licensing has been good.

    The license and setup costs have been reasonable, though a challenge arises when deploying the entire application in our own cloud, as we must manage everything from scratch. The customer support has also been very cooperative.

    Which other solutions did I evaluate?

    We evaluated various options, including Snyk  and Splunk, as well as other tools such as Trivy . We found Aqua Cloud Security Platform to be the best choice among all alternatives.

    What other advice do I have?

    The AI output of Aqua Cloud Security Platform is good, but I believe it can be improved. We received alerts about vulnerabilities in our dashboard, particularly related to a database call issue. The AI identified a problem with a Postgres snapshot, which turned out to be accurate, but it could be enhanced by including specific details about what has gone wrong.

    Aqua Cloud Security Platform needs some improvement in the UI, which is somewhat overwhelming, and the licensing can be expensive at scale. I gave this product a rating of eight.

    Which deployment model are you using for this solution?

    Public Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Amazon Web Services (AWS)
    reviewer2536323

    Cloud-native security has strengthened our pipeline and now needs better dashboards and AI risk views

    Reviewed on Jun 20, 2026
    Review from a verified AWS customer

    What is our primary use case?

    Aqua Cloud Security Platform  is primarily used for cloud-native applications, focusing on cloud identity and entitlement management and vulnerability management for containers, Kubernetes , and ISC, along with secret detection and DevSecOps .

    A recent project with Aqua Cloud Security Platform  addressed a security challenge related to container and Kubernetes  security using runtime protection. Examples include container escape attempts, privilege escalations, reverse shell executions, malicious process wrapping, and crypto mining, which involved using Aqua runtime controls to scan the entire CNAPP .

    Kubernetes security is a key focus, where Aqua provides capabilities for network segmentation, pod security controls, and service account monitoring, often stronger than Microsoft Defender for Cloud  and more mature than Orca .

    What is most valuable?

    The best features found in Aqua Cloud Security Platform include capabilities at the domain-wise level, which include CWPP , secret detection, runtime protection, Kubernetes security, vulnerability management, and CSPM.

    Aqua Cloud Security Platform positively impacted my organization by allowing deployment from code to cloud in the entire CI/CD pipeline, with excellent capabilities and recent AI application security that is useful in the DevSecOps  platform.

    Multi-cloud support with AWS , Azure , GCP , and software supply chain security with SBOM generation and CI/CD pipeline scanning are unique aspects that set Aqua Cloud Security Platform apart.

    What needs improvement?

    When compared to modern platforms like Wiz  and CrowdStrike, the user interface of Aqua Cloud Security Platform feels more engineer-focused than executive-friendly, requiring improvement in user interfaces for CISO preferences.

    Currently, there is a move towards agent-based solutions, and Aqua Cloud Security Platform lacks visibility on the agent side. Wiz  and Orca  have changed the market with agentless scanning, while Aqua Cloud Security Platform still relies on deeper runtime agents, inviting operational overhead compared to other vendors.

    Risk prioritization in security graphs is a point where Aqua Cloud Security Platform is less mature than Wiz, which excels at identifying critical vulnerabilities as a single attack path.

    For how long have I used the solution?

    I have been using Aqua Cloud Security Platform for around four years.

    What do I think about the stability of the solution?

    Aqua Cloud Security Platform is stable, providing good capabilities and service.

    What do I think about the scalability of the solution?

    Aqua Cloud Security Platform's scalability is good, providing better services compared to DevSecOps when compared to CrowdStrike and Orca.

    How are customer service and support?

    The customer support for Aqua Cloud Security Platform is excellent, available 24/7, and provides better solutions for any issues raised through tickets.

    Which solution did I use previously and why did I switch?

    I did not previously use a different solution; we were using earlier open-source solutions only. We wanted to go with a paid solution to provide good capability that we can rely on.

    What was our ROI?

    I have seen a return on investment with Aqua Cloud Security Platform as it provides good capabilities. It is generally used for the DevSecOps pipeline to scan the entire SAST , DAST, or ISC, performing excellently in that area.

    What's my experience with pricing, setup cost, and licensing?

    Compared to other vendors, Aqua Cloud Security Platform's pricing is good or lesser. The pricing part is acceptable, and ease of use, as well as DevSecOps integration, is excellent.

    Which other solutions did I evaluate?

    Before choosing Aqua Cloud Security Platform, I evaluated other options including CrowdStrike and Orca.

    What other advice do I have?

    My advice for others looking into using Aqua Cloud Security Platform is that for container security, Kubernetes security, runtime protection, supply chain, or overall CNAPP , if someone wants to use it at a lesser price, this product provides good capabilities. They can proceed with this product; however, for dashboard and executive reporting, if that is specifically what you are looking for, you may want to consider other products.

    Aqua Cloud Security Platform's AI capabilities provide good governance and security primarily through risk prioritization, although compared to Wiz, Prisma Cloud, and Orca, it is less competitive at the moment. In terms of supply chain securities, Aqua Cloud Security Platform is paramount in comparison to other vendors.

    When it comes to the accuracy and reliability of Aqua Cloud Security Platform's AI capabilities, more work on the AI security side is required. A responsible AI part is missing, making it less valuable.

    I rated this product a seven out of ten.

    Which deployment model are you using for this solution?

    Hybrid Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Mark Rausch

    Daily cloud posture checks have reduced compliance risk but still need faster, smoother interface

    Reviewed on Jun 16, 2026
    Review provided by PeerSpot

    What is our primary use case?

    My main use case for Aqua Cloud Security Platform  is to check mostly cloud security posture management.

    A specific example of how I check cloud security posture with Aqua Cloud Security Platform  is that we were basically tasked with making sure to do daily checks to ensure there were no critical vulnerabilities or anything within the environment itself of our client. If there was, we found any new vulnerabilities or CVEs that popped up and notified the client, then looked through their environment to see if anything was found.

    That covers my main use case with Aqua Cloud Security Platform.

    What is most valuable?

    The best features Aqua Cloud Security Platform offers include a good way for checking vulnerabilities within the cloud of our client's cloud infrastructure.

    Regarding how Aqua Cloud Security Platform helps with checking vulnerabilities, they had some vulnerability dashboards for going into each vulnerability that was found in order to find out which specific cloud assets were impacted. Mostly it was for the cloud security posture management side of things.

    Aqua Cloud Security Platform has positively impacted my organization by helping with decreasing the number of compliancy issues with the company that we were working on. We used it to help them figure out what CVEs or cloud security posture management issues that they should be taking care of first and helped show which issues were most concerning and work our way through the most critical ones.

    Prioritizing those issues with Aqua Cloud Security Platform certainly helped reduce the risks that they were impacting their environment. It helps save a little bit of time for determining which aspects the client needed to focus on first before moving on to lower priority tasks.

    What needs improvement?

    Regarding the features of Aqua Cloud Security Platform, the GUI itself would sometimes be a little slow, but other than that, I liked everything else.

    Regarding how Aqua Cloud Security Platform can be improved, I wish it had better application speeds and responsiveness. When I used it on the client that I had a few years ago, we ran into some issues where it would not load properly. Those issues might have been fixed by now.

    For how long have I used the solution?

    I have been using Aqua Cloud Security Platform for roughly a year, give or take. This was back when I was working at IBM. We were using it for one of our clients.

    What do I think about the stability of the solution?

    When I used Aqua Cloud Security Platform several years ago, it was fairly reliable with some stability issues.

    What do I think about the scalability of the solution?

    Aqua Cloud Security Platform did not seem to have any issues with scaling. That being said, when we were working for our client, there was not really a whole lot of growth. There was a little bit but not a large amount, but it did seem to work fine.

    How are customer service and support?

    I believe I only had one or two tickets open with customer support while I was working on Aqua Cloud Security Platform and everything seemed fine and quick.

    On a scale of one to ten, I would rate the customer support for Aqua Cloud Security Platform a ten out of ten.

    Which solution did I use previously and why did I switch?

    I did not use any previous solution with this client. I am pretty sure this client always had Aqua security.

    What was our ROI?

    There was definitely some time saved with Aqua Cloud Security Platform. The ability to quickly go through and find out what needed to be done allowed us to quickly put reports together to present to the client.

    Which other solutions did I evaluate?

    I did not evaluate any other options for this client. It was just for Aqua Cloud Security Platform.

    What other advice do I have?

    I rate Aqua Cloud Security Platform a seven out of ten.

    I chose a seven for Aqua Cloud Security Platform because it is very useful. It allows us to be very convenient. However, there were some issues such as the responsiveness of the GUI and some glitches a few times.

    When I had used Aqua Cloud Security Platform last, they did not really have much in the way of AI capabilities, but it really did have some good governance and security features.

    I never really had to do much with the AI capabilities of Aqua Cloud Security Platform. I never really messed with it as I had used it several years ago.

    I would advise others looking into using Aqua Cloud Security Platform to check around at other platforms as well and compare to see what your needs are compared to what everything else offers.

    I do not have any additional thoughts about Aqua Cloud Security Platform before we wrap up.

    Sayed Basha

    Automated cloud and container checks have streamlined vulnerability management and collaboration

    Reviewed on Jun 05, 2026
    Review from a verified AWS customer

    What is our primary use case?

    Aqua Cloud Security Platform 's main use case is scanning for vulnerabilities and detecting vulnerabilities, which allows me to manage our CIS benchmark as well.

    I use Aqua Cloud Security Platform  for vulnerability scanning, particularly with the open-source tool called Trivy , which helps identify bugs in Docker  images. I only need to install that software into the system and run a couple of commands. Based on those inputs, it analyzes the image package and provides suggestions on the vulnerabilities, how to fix them, the consequences, and the pros and cons. I also use Kube-bench with Aqua Cloud Security Platform to scan Kubernetes  clusters for vulnerabilities, bugs, and issues at the cluster levels. Once I run the Kube-bench commands at the cluster levels, it provides detailed information on what exactly needs to be taken care of, what should be removed if an unnecessary package is present, or if something unnecessary has been allowed, such as permissions for all users. It provides all the essential information on exactly what needs to be done.

    As I mentioned, I used Aqua Cloud Security Platform with Trivy , which is a great lightweight open-source tool, and Kube-bench, which follows CIS benchmarks, making it an industrial standard that can be implemented in test, UAT, production, or development environments. This use case can be integrated into CI/CD pipelines, automating tasks, generating reports, and sharing those reports with development teams for reviewing and rectifying issues, bugs, or vulnerabilities.

    Aqua Cloud Security Platform offers several features, including code and supply chain security for scanning vulnerabilities, where it is a lightweight and fast scanning tool for lightweight images and serverless functions. Additionally, it provides cloud and infrastructure posture management, continuously monitoring cloud assets and infrastructure configuration to ensure compliance with organizational standards. There is also advanced runtime protection, known as ARP or CWPP , for real-time threat detection, addressing issues such as agent failures. Lastly, there are AI and generative security features involving machine learning, along with many additional security features, but these are the main ones I can identify.

    As a cloud engineer and DevOps engineer, my day-to-day tasks mostly involve cloud interactions with cloud service providers. In this context, cloud security posture management scans public cloud environments such as AWS , Azure , and GCP , detecting misconfigurations. If storage, such as buckets, is exposed in public environments, it alerts me to take necessary actions. Kubernetes  security posture management leverages Kube-bench and CIS benchmarks for continuous audits of Kubernetes clusters, control planes, and node configurations against the CIS benchmark. If something is missing, it alerts me and guides me on how to rectify it.

    How has it helped my organization?

    Aqua Cloud Security Platform has positively impacted my organization with a drastic reduction in vulnerability search time. Manual processes consume more time and lower productivity, but using Aqua Cloud Security Platform increases productivity and reduces time spent searching or identifying vulnerabilities. It also accelerates DevSecOps  principles, automating the checks developers need without waiting for manual security sign-offs. Prior to Aqua Cloud Security Platform, development teams blamed security teams and vice versa, but Aqua Cloud Security Platform has bridged that gap, reducing tension between the two teams.

    Since adopting Aqua Cloud Security Platform, I have observed around a 40 to 45 percent increase in productivity and a reduction of around 35 to 40 percent in time taken for tasks that previously required manual intervention, such as Python linting. Before, I performed manual checks line by line, but now Aqua Cloud Security Platform automates these processes, generates reports, and allows me to take immediate action.

    What is most valuable?

    One additional feature of Aqua Cloud Security Platform is cloud infrastructure entitlement management, which tracks human and machine identities across cloud platforms while discovering privileged accounts, unused permissions, and potential threats. It escalates alerts if something poses a real threat to the organization.

    What needs improvement?

    Aqua Cloud Security Platform could improve by streamlining the onboarding process and initial policy tuning to reduce the feeling of exhaustion or fatigue. Additionally, enhancing the user interface would be beneficial as tools such as Trivy scanner and Kube-bench typically operate on CLI. A user interface that integrates smoothly with CI/CD pipelines and Kubernetes clusters would be a significant improvement. Also, reporting could be clearer and more actionable, rather than presenting a massive list of open issues, which could overwhelm busy development or testing teams. Advanced documentation for enterprise-level users would also enhance the platform, making it accessible for startups or mid-sized organizations with limited budgets.

    Improving the user interface would provide better visibility, especially for newcomers trying to understand Aqua Cloud Security Platform. If new users find it easier to integrate with CI/CD pipelines or Kubernetes clusters through a more straightforward interface, that would be a significant achievement.

    For how long have I used the solution?

    I have been using Aqua Cloud Security Platform for around three to four years.

    What other advice do I have?

    I take off those two points because it lacks sufficient open-source documentation; it is primarily available at the enterprise level, which could hinder users who want to learn about Aqua Cloud Security Platform without enterprise access. My overall review rating for this product is 8 out of 10.

    View all reviews