Pivotal + VMware: Transforming how more of the world builds software
Marketplace dei servizi Pivotal

Aqua Security for Pivotal Platform

Application Lifecycle Security Solution for Pivotal Platform Containers

Compatible with PAS, PKS

Compatible with PAS
Can be consumed by apps on PAS

Compatible with PKS
Can be consumed by apps on PKS

Compatible with Standalone PKS
Runs on PKS with no dependency on PAS

Aqua Security for Pivotal Platform allows users to deploy an end-to-end solution for scanning, application assurance and runtime protection for their application workloads, empowering organizations to apply security best practices early in the build process to ensure that only code in compliance with their organization’s security and compliance policies is deployed.

Automatically Scan Application or Container Artifacts for Known Vulnerabilities

Application or container artifacts are scanned for vulnerabilities, secrets, and malware. Scans can be done directly from CI/CD tools (e.g. Jenkins, Visual Studio Team Services, Bamboo).

Prevent Deployment of Unapproved Application or Container Artifacts

Identify and block non-compliant application or container artifacts based on pre-configured assurance policies that check for: authorization, CVEs and score, presence of hard-coded secrets, presence of malware, compliance risks.

Monitor and control application activity based on customized runtime policies

Block unapproved changes to application workloads, view network connections to apply firewall rules, and leverage audit trails of application activity, scan coverage, and system events.

Guarda
Aqua Security for Pivotal Platform
Aqua Security Panoramica

By applying full-lifecycle container security controls to application workloads at a very granular level, Aqua combines preventive and reactive controls to protect applications in runtime, detecting and blocking attacks, and providing granular visibility and audit trails for compliance.

The Aqua Cloud Native Security Platform integrates into the build pipeline to detect issues early in the application lifecycle and minimize the attack surface. It then monitors the runtime environment and prevents malicious activity using a whitelisting policy based on both declarative information and machine-learned behavior. It also integrates with LDAP/AD, secrets stores (e.g., HashiCorp, CyberArk), collaboration tools (e.g., Slack, PagerDuty) and SIEM tools (e.g., Splunk, Sumo Logic) to enable scalable enterprise security.

Aqua’s advanced runtime protection for PCF allows users to develop customized policies to control application activity, blocking unapproved changes to running workloads, and applying firewall rules that whitelist authorized network connections. Aqua Security for PCF also enables granular audit trails of access activity, scan events and coverage, application activity and system events.

Aqua empowers enterprises to:

  • “Shift left” security, enabling DevSecOps to accelerate application delivery with full automation and no compromise on security
  • Protect workloads in runtime against known vulnerabilities, zero-day exploits, malware, and insider threats
  • Limit the impact of breaches with a container-level firewall
  • Secure their applications once, and deploy them anywhere with no need to re-configure security policies and controls
  • Meet regulatory compliance requirements such as PCI-DSS, HIPAA and GDPR

More about Aqua Security




Funzionalità di integrazione

Available as a language-agnostic meta-buildpack for deploying native integration applications in any language.

Available as a custom buildpack.

The buildpack is documented with instructions for setup and operation.

“We are proud to extend Aqua’s security capabilities to Pivotal Cloud Foundry users, enabling them to seamlessly implement and automate strong security capabilities into their production-grade application workloads, and allowing them to more closely monitor and control application activity in their PCF environment.”

Upesh Patel, Vice President of Business Development, Aqua Security

Come Funziona

  1. Developer runs a CF push command
  2. Meta buildpack is invoked and claims the build
  3. Meta buildpack invokes the relevant language buildpack
  4. Language buildpack claims the build and produces a droplet
  5. Meta buildpack invokes the Aqua Decorator
  6. Droplet contents are scanned by the Aqua Decorator; scan results are displayed in the Aqua dashboard/CI tool
  7. If droplet complies with the droplet Assurance Policy, the droplet is approved and an application is created

Runtime Enforcement is governed by policies defined in the Aqua Console
  1. User defines runtime policies in the Aqua console
  2. Policies are enforced in runtime by the Aqua agent installed as a BOSH add-on

Leggi la documentazione



Introduzione

Scarica Ora

Let's talk.

Contact us about Aqua Security for Pivotal Platform.

Grazie per l'interesse dimostrato!

Ti ricontatteremo a breve.

Grazie per l'interesse dimostrato!

Ti ricontatteremo a breve.

Contattaci