Aqua News Aqua Security Collaborates with VMware to Deliver Runtime Application Protection Across Virtualized and Container-Based Environments

Combination of Aqua with VMware AppDefense will Extend Visibility and Least Privilege Enforcement into Containerized Applications

SAN FRANCISCO / RSA Conference 2018 – 17 April 2018 – Aqua Security, the market-leading platform provider for securing containers and cloud-native applications, today announced a collaboration with VMware that will enable customers to protect applications deployed across both virtual machines and containers. Announced today at RSA Conference 2018, the combination of Aqua Container Security Platform with VMware AppDefense will provide enterprise security teams with a security solution that delivers a single-pane-of-glass to secure applications that include both containerized and non-containerized components.

VMware AppDefense uniquely protects applications running in virtualized environments by monitoring applications against their intended state – what they’re supposed to do – and automatically responding when they deviate from that intended state, indicating a potential threat. This dramatically shrinks the attack surface, enables a much more agile/DevOps approach to security, and provides an interface into the software defined datacenter for the security operations team. VMware AppDefense uses its integration with DevOps systems, artificial intelligence and machine learning applied to massive data sets, and hypervisor-based visibility to understand the intended state of a distributed application to help customers achieve Cyber hygiene at scale.

The Aqua Container Security Platform (CSP) is a full-lifecycle security solution for containers and cloud-native applications that deeply integrates into the build pipeline to detect issues early in the DevOps cycle and minimize the attack surface. It then monitors the runtime environment and is able to prevent malicious activity using a whitelisting policy based on both declarative information and machine-learned behavior, an approach that is designed to ensure applications are only doing what they are supposed to do.

Key features of this combined security solution will enable:

  • Visibility across VMs and containers: Shows security posture of running containers within the AppDefense console, including vulnerability status, approved and unapproved running containers, and policy violation alerts.
  • Container Image Assurance: Prevents images that don’t meet the security requirements or were not vetted from being deployed, and enforces drift prevention that is designed to ensure running containers are derived from approved images.
  • Monitoring and enforcement: Detection and automated response to container-level policy violations within AppDefense
  • Auditing and compliance: Unified event logging within AppDefense for container-level processes and policy violations

“We are thrilled to be collaborating with VMware to deliver this unified solution for today’s hybrid applications,” noted Dror Davidoff, co-founder and CEO, Aqua Security. “VMware AppDefense utilizes the same principles used by the Aqua platform, namely, that good application behavior should be learned and understood, then applied to enforce least privileges in runtime. This fit will enable our teams to deliver a solution that gives security teams an easy, unified approach to modern application security.”

“As organizations deploy applications across increasingly diverse data center endpoints and hybrid cloud environments, security must address the application layer in an efficient and scalable way that supports those modalities,” said Tom Corn, senior vice president and general manager, security products at VMware. “Aqua Security’s in-depth visibility and control in containerized applications offers customers a valuable extension and enhancement to VMware AppDefense that will enable security teams to secure applications at a more granular level, regardless of how they are deployed.”

Aqua’s platform is currently in use by dozens of Global 1,000 customers, providing the most comprehensive full-lifecycle solution for securing container-based and cloud-native applications, running on-prem or in the cloud, supporting both Linux and Windows runtime environments and all orchestration platforms.

The combined Aqua Security and VMware security solution will be generally available in VMware’s Q2 Fiscal 2019 ending on July 3, 2018. For additional information:


About Aqua Security
Aqua Security enables enterprises to secure their container and cloud-native applications from development to production, accelerating application deployment and bridging the gap between DevOps and IT security. Aqua’s Container Security Platform provides full visibility into container activity, allowing organizations to detect and prevent suspicious activity and attacks in real time. Integrated with container lifecycle and orchestration tools, the Aqua platform provides transparent, automated security while helping to enforce policy and simplify regulatory compliance. Aqua was founded in 2015 and is backed by Lightspeed Venture Partners, Microsoft Ventures, TLV Partners, and IT security leaders, and is based in Israel and Boston, MA.  For more information, visit or follow us on

VMware and AppDefense are registered trademarks or trademarks of VMware, Inc. in the United States and other jurisdictions.