Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Aqua Launches Container Security Platform

    By
    Sean Michael Kerner
    -
    May 19, 2016
    Share
    Facebook
    Twitter
    Linkedin
      container security

      The emerging market for application containers is a very fluid one, which is one of the reasons why Scalock is now rebranding itself as Aqua Security. After months in beta, the Aqua Container Security platform became generally available on May 18, providing another option to organizations looking to secure container deployments.

      “As is sometimes the case with startups, the name we chose initially ended up not fitting what we aim to do,” Amir Jerbi, co-founder and CTO of Aqua Security, told eWEEK about the name change from Scalock. “Since we’re in a place where DevOps meets security, we wanted something more fluid, literally.”

      Aqua Security has raised a total of $4.35 million since the company was started in 2015. The container security landscape has evolved rapidly over the course of the last year, with CoreOS announcing its Clair container security technology, Docker Inc. announcing its Docker Security Scanning and Twistlock debuting its container security approach. Aqua’s goal is to do more than just scan application containers looking for known vulnerabilities.

      Jerbi explained that Aqua’s image vulnerability scanning is like Docker’s approach in that Aqua looks at all the binaries in the image, including programming language components. In contrast with Docker though, Aqua supports not only Docker registries but also Amazon ECS, CoreOS Quay, JFrog Artifactory and private registries, he said.

      “We also offer a free SaaS scanner called Peekr that lets developers scan images in public or private registries,” Jerbi said. “It’s something that we will continue to develop and enhance as the market evolves.”

      Looking beyond just application vulnerability scanning, Aqua also provides a degree of runtime protections. Aqua uses a layered security approach to keep containers safe, according to Jerbi. The layered approach starts with running the container application images in learning mode, usually during functional testing. In the learning mode, Aqua examines a container’s behavior in the application context and uses that to set granular runtime parameters, based on which files, executables and network connections a container is using.

      “On top of that, we provide a user access control policy that is specific to a container or application,” he said. “On top of that, we apply network controls by application and, finally, we also monitor for malicious behaviors like port scanning, socket bombing, etc.”

      As such, the Aqua platform combines declarative and behavioral methods with learning as part of a layered approach to secure containers. Another key part of the overall container security landscape are existing controls in a host Linux operating system.

      “Where it makes sense, we leverage the native Linux security controls—for example, we use netfilter and cgroup to restrict container activity,” Jerbi said. “We fill the gaps where more granular container-specific controls are needed with our own technology, since Linux security controls work at the operating systems resources level and don’t understand the container entity.”

      Aqua is part of the Linux Foundation’s Open Container Initiative (OCI), which is aiming to define standards for containers. Jerbi noted that OCI is still in its early days, but he said it’s important for the industry as a whole to agree on standards and interoperable technologies.

      “Docker the container format is obviously the most popular today, but we are seeing others in use,” Jerbi said. “Currently, we support Docker, but we are planning to support runc-compliant engines.”

      Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

      Sean Michael Kerner
      Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.

      MOST POPULAR ARTICLES

      Big Data and Analytics

      Alteryx’s Suresh Vittal on the Democratization of...

      James Maguire - May 31, 2022 0
      I spoke with Suresh Vittal, Chief Product Officer at Alteryx, about the industry mega-shift toward making data analytics tools accessible to a company’s complete...
      Read more
      Cybersecurity

      Visa’s Michael Jabbara on Cybersecurity and Digital...

      James Maguire - May 17, 2022 0
      I spoke with Michael Jabbara, VP and Global Head of Fraud Services at Visa, about the cybersecurity technology used to ensure the safe transfer...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      Applications

      Cisco’s Thimaya Subaiya on Customer Experience in...

      James Maguire - May 10, 2022 0
      I spoke with Thimaya Subaiya, SVP and GM of Global Customer Experience at Cisco, about the factors that create good customer experience – and...
      Read more
      Big Data and Analytics

      GoodData CEO Roman Stanek on Business Intelligence...

      James Maguire - May 4, 2022 0
      I spoke with Roman Stanek, CEO of GoodData, about business intelligence, data as a service, and the frustration that many executives have with data...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×