Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
Director of Infrastructure Engineering
What do you like best about the product?
Ease of use and wide range of feature availability. It supports Windows containers.
What do you dislike about the product?
Nothing we've encountered yet has been an issue.
What problems is the product solving and how is that benefiting you?
Provides container security in our:
Container build pipelines
Container registry
Runtime environments
Container build pipelines
Container registry
Runtime environments
- Leave a Comment |
- Mark review as helpful
Aqua review
What do you like best about the product?
One of the things I like best about Aqua is its ease of use
What do you dislike about the product?
I would like if there were better reporting options within Aqua
What problems is the product solving and how is that benefiting you?
Aqua provide us vulnerability related data for our containers and give us information on the security posture of our kubernetes environment
high quality product and good customer service
What do you like best about the product?
Provide accurate visibility of application software. Very low false positive rate. Detection and actionable follow up instruction.
What do you dislike about the product?
area can be improved is the integration with third party tool, such as service now, jira ...
What problems is the product solving and how is that benefiting you?
gain visibilty of seurity risk associated with our application development process. helped us to quickly identify critial vulnerabilies and provide actionable follow up for our developers to address the issues.
Sr Cybersecurity Engineer
What do you like best about the product?
- Comprehensive platform - It provides full lifecycle protection for containers from build to runtime. This helps close security gaps that point solutions may miss.
- Integration with dev pipelines - Aqua integrates tightly with native build tools and CI/CD pipelines like Jenkins, Gitlab, Docker to enable seamless scanning and enforcement. This makes it easy for developers to adopt.
- Runtime protections - In addition to build-time scanning, Aqua enforces policies and monitors containers at runtime to prevent exploits and detect configuration drift over time.
- Visibility and reporting - The centralized console provides clear visibility into scanning results, policy violations and risks across all container environments. Robust reporting helps with compliance.
- Vulnerability database - Aqua maintains its own curated vulnerability database that is frequently updated to ensure the latest vulnerability definitions are being used in scans.
- Enterprise features - Capabilities like centralized management, control groups, role-based access and auditing make it suitable for large enterprise deployments with multiple teams.
- Active development - Aqua continues to release new features and enhancements on a regular basis, ensuring the platform keeps pace with trends in container security and usage.
Overall, I think Aqua offers one of the most full-featured and easy to use platforms for securing the entire container development lifecycle from a single vendor.
- Integration with dev pipelines - Aqua integrates tightly with native build tools and CI/CD pipelines like Jenkins, Gitlab, Docker to enable seamless scanning and enforcement. This makes it easy for developers to adopt.
- Runtime protections - In addition to build-time scanning, Aqua enforces policies and monitors containers at runtime to prevent exploits and detect configuration drift over time.
- Visibility and reporting - The centralized console provides clear visibility into scanning results, policy violations and risks across all container environments. Robust reporting helps with compliance.
- Vulnerability database - Aqua maintains its own curated vulnerability database that is frequently updated to ensure the latest vulnerability definitions are being used in scans.
- Enterprise features - Capabilities like centralized management, control groups, role-based access and auditing make it suitable for large enterprise deployments with multiple teams.
- Active development - Aqua continues to release new features and enhancements on a regular basis, ensuring the platform keeps pace with trends in container security and usage.
Overall, I think Aqua offers one of the most full-featured and easy to use platforms for securing the entire container development lifecycle from a single vendor.
What do you dislike about the product?
- False positives - Like all scanning tools, Aqua is susceptible to generating false positives that require developer time to investigate and resolve.
- Vendor lock-in - Investing heavily in Aqua's proprietary solution and data formats introduces some long-term vendor dependency risks.
- No Isolation control - Aqua only protects at the host/OS level currently. It does not provide full isolation capabilities of some specialized platforms.
- Immature microservices support - Aqua is container-native but some features are still catching up with advanced microservices patterns.
So in summary - cost, overhead of agents and potential vendor lock-in are some drawbacks that would need consideration.
- Vendor lock-in - Investing heavily in Aqua's proprietary solution and data formats introduces some long-term vendor dependency risks.
- No Isolation control - Aqua only protects at the host/OS level currently. It does not provide full isolation capabilities of some specialized platforms.
- Immature microservices support - Aqua is container-native but some features are still catching up with advanced microservices patterns.
So in summary - cost, overhead of agents and potential vendor lock-in are some drawbacks that would need consideration.
What problems is the product solving and how is that benefiting you?
1. Lack of container security visibility - Aqua provides a centralized platform to gain visibility into risks across the entire container development lifecycle from build to production. This helps organizations address security issues proactively.
2. Inability to shift security left - Without the right tools integrated into the development process, security typically gets tested too late. Aqua scans images during build/deploy and enforces policies to catch vulnerabilities early.
3. Difficulties with compliance - Container sprawl and lack of controls make it challenging to ensure configurations and software meet compliance standards. Aqua facilitates ongoing compliance through automated policy-based controls.
4. Workload vulnerabilities going undetected - Traditional security tools often miss container-specific risks. Aqua's runtime agent model and vulnerability database tailored for containers improves detection abilities.
5. Lack of developer security skills/tools - When security is separated from development, vulnerabilities persist. Aqua aims to integrate security practices into the developer workflow through seamless IDE/pipeline integrations.
So in summary, by gaining visibility, shifting security left, enforcing compliance and controls as code Aqua is intended to solve major security and compliance problems arising from adoption of container and cloud-native technologies.
2. Inability to shift security left - Without the right tools integrated into the development process, security typically gets tested too late. Aqua scans images during build/deploy and enforces policies to catch vulnerabilities early.
3. Difficulties with compliance - Container sprawl and lack of controls make it challenging to ensure configurations and software meet compliance standards. Aqua facilitates ongoing compliance through automated policy-based controls.
4. Workload vulnerabilities going undetected - Traditional security tools often miss container-specific risks. Aqua's runtime agent model and vulnerability database tailored for containers improves detection abilities.
5. Lack of developer security skills/tools - When security is separated from development, vulnerabilities persist. Aqua aims to integrate security practices into the developer workflow through seamless IDE/pipeline integrations.
So in summary, by gaining visibility, shifting security left, enforcing compliance and controls as code Aqua is intended to solve major security and compliance problems arising from adoption of container and cloud-native technologies.
Exceptional Security Solutions and Stellar Support
What do you like best about the product?
What I like best about Aqua Security is its comprehensive approach to security, proactive threat intelligence, strong focus on compliance, exceptional customer support, and commitment to continuous improvement. They truly excel in providing robust and tailored security solutions.
What do you dislike about the product?
While finding any significant drawbacks is challenging, Aqua Security's continuous improvement could benefit from even more frequent feature updates to further enhance its already exceptional offerings.
What problems is the product solving and how is that benefiting you?
Aqua Security solves security challenges in containers and cloud-native environments, providing enhanced protection, risk mitigation, and secure adoption of these technologies. Their solutions benefit us by ensuring the integrity and availability of our systems in these dynamic and evolving landscapes.
Best container scanning tool
What do you like best about the product?
I like the nice dashboards, I like how vulnerability findings are presented and explained in detail. I also like the fact that it provides remediation options. It's much easier to fix a problem when you have a tool like this.
I like the policies that can be easily configured for extra protection.
I like how nice and helpful the Aqua team always is, answering all our questions and always taking the time to discuss with us.
I like the policies that can be easily configured for extra protection.
I like how nice and helpful the Aqua team always is, answering all our questions and always taking the time to discuss with us.
What do you dislike about the product?
I think the intial config process was a bit long, but we managed to do it with the help of the Aqua team.
What problems is the product solving and how is that benefiting you?
Aqua helps us discover any high or critical vulnerability we might have and it gives us the instructions to follow in order to fix the problem.
Covers a lot!
What do you like best about the product?
The amount of content Aqua covers within Cloud is extremely impressive. It's a hugely powerful tool compared to it's competitors.
Support contacts are readily available.
Easy to deploy using Helm and APIs.
Support contacts are readily available.
Easy to deploy using Helm and APIs.
What do you dislike about the product?
There's multiple ways to do the same thing, making it complicated to use.
What problems is the product solving and how is that benefiting you?
Identifiying risks and security threats within our cloud platforms.
Solid foundation, lacking custoziablility
What do you like best about the product?
All the information you need is obtainable, but you will likely have to interact with their API to get that information. That being said they do have good API docs.
What do you dislike about the product?
Dashboards are basically useless unless you are only looking for very basic metrics. Its hard to compare past and current results, which mean you are likely just going to export your results to CSV and do your analysis in Excel.
What problems is the product solving and how is that benefiting you?
Aqua provides us with vulnerability information for our containers and gives us an understanding what images are running within our environments.
Effective insight to container security posture
What do you like best about the product?
Aqua provides the ability to isolate specific areas when dealing with the overwhelming nature of managing containers and their security footprint. Specific areas that are broken down from images, infrastructure, network, runtime protection etc. allows for taking each section and narrowing it down to actionable items which can be addressed making it less overwhelming.
What do you dislike about the product?
An opportunity of improvement would be to be able to trigger based on container layers and any security vulnerabilities that exists withing that layer would help further drill down specific issues that may be present in that level. Better integration with GitLab CICD would be helpful as well.
Another feature that would be helpfu would be to be able to drill down from the Widgets. As of now, the widget only allows read-only visuals.
Another feature that would be helpfu would be to be able to drill down from the Widgets. As of now, the widget only allows read-only visuals.
What problems is the product solving and how is that benefiting you?
Ability to have compliance based benchmarking using industry standards such as CIS. Managing threat landscape with the applications deployed to the cloud. Ability to isolate and map network traffic for container interaction to external entities.
VERY solid product which provided top roi
What do you like best about the product?
Able to identify our app sec weakness, we were able to mange all vulnerabilities and code weakness by using aqua to find and understand what each dev team needs
What do you dislike about the product?
I didn't find anything that's we didn't like. Cost was many a factory that would fit in the category . A part from that it's a very good product. Cost was one is the issue
What problems is the product solving and how is that benefiting you?
Cloud assessment and monitoring cloud weakness, mis configurations and identify cloud infrastructure admins miss configurations. Anylatics was
showing 11 - 20