Microsoft takes a leading investment role in the container security startup, which launched its Aqua Container Security platform in May.
Aqua Security announced on Sept. 27 that it has raised $9 million in a Series A round of funding, which will be used to grow the company's go-to-market efforts as it ramps up to capitalize on the emerging opportunity for container security.
Microsoft Ventures led the Series A round of funding, which also included the participation of TLV Partners and cyber-security luminary Shlomo Kramer. Total funding to date for the company, which was founded last year, now stands at $13.5 million.
"We have been working with Microsoft because they have been very active in the container market," Dror Davidoff, CEO and co-founder of Aqua, told eWEEK
Davidoff said that the new Series A funding will help take the company to the next level of its evolution. The company's Aqua Container Security platform first became generally available
on May 18, providing enterprises with a set of capabilities to run containers securely.
Since the debut of Aqua's platform, Davidoff said his company has been working with some very large customers and has learned what large enterprises require. He added that Aqua already integrates with enterprise vendors including Hewlett Packard Enterprise, VMware, Docker Inc. and Microsoft.
"We have developed a set of integrations and APIs with the main players in the market," Davidoff said. "Some of the integrations have been based on specific customer requests."
The market for container security has become increasingly crowded in recent months, with multiple vendors and products, including Docker Inc., CoreOS and Twistlock, all vying for customer attention.
"There are a broad number of requirements for runtime security, that includes access, network and host protection, as well as privilege management," Davidoff said.
As enterprises adopt containers, they will also tend to embrace container orchestration and management platforms like Kubernetes. Davidoff sees orchestration tools as a potential attack vector.
"Since we deliver our solution as a container, we use orchestration tools," he said. "We also provide some security control points on the orchestration level."
In terms of the concerns enterprises have about container security, Davidoff said many are worried about insider risks. If a container engine is not properly configured and secured, an individual container potentially could access other containers on the same host. Enterprises are also concerned about container images coming from third parties, he said.
"We have a way to create a quota for the amount of resources that each and every container can consume," Davidoff said. "We're also looking at things that are two steps ahead and how we can identify advanced attacks."
Aqua Security has a roadmap to further improve its platform to better enable container security and enterprise application security overall.
"We feel that there is a very unique opportunity in this market to create better security," Davidoff said. "By securing Docker, at the end of the day you will have better security for enterprise applications."
Sean Michael Kerner is a senior editor at
InternetNews.com. Follow him on Twitter @TechJournalist.