Aqua Cloud Native Application Protection Platform
Aqua Security Software Inc.External reviews
58 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Sr Cybersecurity Engineer
What do you like best about the product?
- Comprehensive platform - It provides full lifecycle protection for containers from build to runtime. This helps close security gaps that point solutions may miss.
- Integration with dev pipelines - Aqua integrates tightly with native build tools and CI/CD pipelines like Jenkins, Gitlab, Docker to enable seamless scanning and enforcement. This makes it easy for developers to adopt.
- Runtime protections - In addition to build-time scanning, Aqua enforces policies and monitors containers at runtime to prevent exploits and detect configuration drift over time.
- Visibility and reporting - The centralized console provides clear visibility into scanning results, policy violations and risks across all container environments. Robust reporting helps with compliance.
- Vulnerability database - Aqua maintains its own curated vulnerability database that is frequently updated to ensure the latest vulnerability definitions are being used in scans.
- Enterprise features - Capabilities like centralized management, control groups, role-based access and auditing make it suitable for large enterprise deployments with multiple teams.
- Active development - Aqua continues to release new features and enhancements on a regular basis, ensuring the platform keeps pace with trends in container security and usage.
Overall, I think Aqua offers one of the most full-featured and easy to use platforms for securing the entire container development lifecycle from a single vendor.
- Integration with dev pipelines - Aqua integrates tightly with native build tools and CI/CD pipelines like Jenkins, Gitlab, Docker to enable seamless scanning and enforcement. This makes it easy for developers to adopt.
- Runtime protections - In addition to build-time scanning, Aqua enforces policies and monitors containers at runtime to prevent exploits and detect configuration drift over time.
- Visibility and reporting - The centralized console provides clear visibility into scanning results, policy violations and risks across all container environments. Robust reporting helps with compliance.
- Vulnerability database - Aqua maintains its own curated vulnerability database that is frequently updated to ensure the latest vulnerability definitions are being used in scans.
- Enterprise features - Capabilities like centralized management, control groups, role-based access and auditing make it suitable for large enterprise deployments with multiple teams.
- Active development - Aqua continues to release new features and enhancements on a regular basis, ensuring the platform keeps pace with trends in container security and usage.
Overall, I think Aqua offers one of the most full-featured and easy to use platforms for securing the entire container development lifecycle from a single vendor.
What do you dislike about the product?
- False positives - Like all scanning tools, Aqua is susceptible to generating false positives that require developer time to investigate and resolve.
- Vendor lock-in - Investing heavily in Aqua's proprietary solution and data formats introduces some long-term vendor dependency risks.
- No Isolation control - Aqua only protects at the host/OS level currently. It does not provide full isolation capabilities of some specialized platforms.
- Immature microservices support - Aqua is container-native but some features are still catching up with advanced microservices patterns.
So in summary - cost, overhead of agents and potential vendor lock-in are some drawbacks that would need consideration.
- Vendor lock-in - Investing heavily in Aqua's proprietary solution and data formats introduces some long-term vendor dependency risks.
- No Isolation control - Aqua only protects at the host/OS level currently. It does not provide full isolation capabilities of some specialized platforms.
- Immature microservices support - Aqua is container-native but some features are still catching up with advanced microservices patterns.
So in summary - cost, overhead of agents and potential vendor lock-in are some drawbacks that would need consideration.
What problems is the product solving and how is that benefiting you?
1. Lack of container security visibility - Aqua provides a centralized platform to gain visibility into risks across the entire container development lifecycle from build to production. This helps organizations address security issues proactively.
2. Inability to shift security left - Without the right tools integrated into the development process, security typically gets tested too late. Aqua scans images during build/deploy and enforces policies to catch vulnerabilities early.
3. Difficulties with compliance - Container sprawl and lack of controls make it challenging to ensure configurations and software meet compliance standards. Aqua facilitates ongoing compliance through automated policy-based controls.
4. Workload vulnerabilities going undetected - Traditional security tools often miss container-specific risks. Aqua's runtime agent model and vulnerability database tailored for containers improves detection abilities.
5. Lack of developer security skills/tools - When security is separated from development, vulnerabilities persist. Aqua aims to integrate security practices into the developer workflow through seamless IDE/pipeline integrations.
So in summary, by gaining visibility, shifting security left, enforcing compliance and controls as code Aqua is intended to solve major security and compliance problems arising from adoption of container and cloud-native technologies.
2. Inability to shift security left - Without the right tools integrated into the development process, security typically gets tested too late. Aqua scans images during build/deploy and enforces policies to catch vulnerabilities early.
3. Difficulties with compliance - Container sprawl and lack of controls make it challenging to ensure configurations and software meet compliance standards. Aqua facilitates ongoing compliance through automated policy-based controls.
4. Workload vulnerabilities going undetected - Traditional security tools often miss container-specific risks. Aqua's runtime agent model and vulnerability database tailored for containers improves detection abilities.
5. Lack of developer security skills/tools - When security is separated from development, vulnerabilities persist. Aqua aims to integrate security practices into the developer workflow through seamless IDE/pipeline integrations.
So in summary, by gaining visibility, shifting security left, enforcing compliance and controls as code Aqua is intended to solve major security and compliance problems arising from adoption of container and cloud-native technologies.
Exceptional Security Solutions and Stellar Support
What do you like best about the product?
What I like best about Aqua Security is its comprehensive approach to security, proactive threat intelligence, strong focus on compliance, exceptional customer support, and commitment to continuous improvement. They truly excel in providing robust and tailored security solutions.
What do you dislike about the product?
While finding any significant drawbacks is challenging, Aqua Security's continuous improvement could benefit from even more frequent feature updates to further enhance its already exceptional offerings.
What problems is the product solving and how is that benefiting you?
Aqua Security solves security challenges in containers and cloud-native environments, providing enhanced protection, risk mitigation, and secure adoption of these technologies. Their solutions benefit us by ensuring the integrity and availability of our systems in these dynamic and evolving landscapes.
Best container scanning tool
What do you like best about the product?
I like the nice dashboards, I like how vulnerability findings are presented and explained in detail. I also like the fact that it provides remediation options. It's much easier to fix a problem when you have a tool like this.
I like the policies that can be easily configured for extra protection.
I like how nice and helpful the Aqua team always is, answering all our questions and always taking the time to discuss with us.
I like the policies that can be easily configured for extra protection.
I like how nice and helpful the Aqua team always is, answering all our questions and always taking the time to discuss with us.
What do you dislike about the product?
I think the intial config process was a bit long, but we managed to do it with the help of the Aqua team.
What problems is the product solving and how is that benefiting you?
Aqua helps us discover any high or critical vulnerability we might have and it gives us the instructions to follow in order to fix the problem.
Aqua Review
What do you like best about the product?
Easy User Experience and amazing support for any query
What do you dislike about the product?
Nothing much just features taking time to be implemented.
What problems is the product solving and how is that benefiting you?
Solving us amazingly to provide clean images and finding vulnerabilities
Responsive Team
What do you like best about the product?
The best part about Aqua Security is the customer service . They value the customer and understand the requirement and then provide feasible solution that meets end requirement.
What do you dislike about the product?
Their is nothing to dislike about aqua security as of now.
What problems is the product solving and how is that benefiting you?
It helps to keep the processes in compliance . It checks the standard and manages all the policies.
AquaSec have been very efficient and user friendly.
What do you like best about the product?
They have a lot of in-built frameworks for Cloud Security Posture Management.
What do you dislike about the product?
It sometimes takes them a while to explain or fix issues (like 2 days).
What problems is the product solving and how is that benefiting you?
Aqua Security is currently being used to manage the security of our cloud environments. It gives us a quick overview of our security situation. It is also multi-cloud compatible, making it easier for us to manage our platform from a single source.
CI/CD Security Platform
What do you like best about the product?
Provide overall security on the CI/CD pipeline
Simple and intuitive tool doesn’t require special training
Deployment is fast, took about 10 minutes including system review.
Liked the option to open tickets directly from the alerts and create pull requests.
Simple and intuitive tool doesn’t require special training
Deployment is fast, took about 10 minutes including system review.
Liked the option to open tickets directly from the alerts and create pull requests.
What do you dislike about the product?
I think the reporting section cloud be better.
What problems is the product solving and how is that benefiting you?
This is a very good solution for companies that want to get a full AppSec solution for their development process and environment. It includes what you need plus a very strong supply chain attack prevention
The best Solution for Supply Chain security
What do you like best about the product?
Central unified visibility and security across all the software development process.
Comprehensive security and DevOps best practices policies included out of the box.
Easy and quick deployment without interference or impact with existing processes.
Automatic remediation using tickets and pull-request enable you not only to identify issues but also resolve them fast using standard process, so no additional work on the security team.
Comprehensive security and DevOps best practices policies included out of the box.
Easy and quick deployment without interference or impact with existing processes.
Automatic remediation using tickets and pull-request enable you not only to identify issues but also resolve them fast using standard process, so no additional work on the security team.
What do you dislike about the product?
Segmentation of alerts by groups or project capabilities could be improved
We are using an old on-premise ticketing system which wasn’t originally supported, but Argon provided the API for it within 3 days
We are using an old on-premise ticketing system which wasn’t originally supported, but Argon provided the API for it within 3 days
What problems is the product solving and how is that benefiting you?
Argon provides us with a level visibility and protection over the software supply chain process that we haven’t been able to get before. Our security team can monitor and solve risks to our development process and increase our overall confidence and security posture.
Recommendations to others considering the product:
Highly recommended
Set up was less than 15 minutes
Immediate real results
I initially leveraged the 15 days free trial and later purchased based on the outcomes
Set up was less than 15 minutes
Immediate real results
I initially leveraged the 15 days free trial and later purchased based on the outcomes
showing 11 - 18