Aqua News Aqua Security Expands into Cloud Security Posture Management (CSPM) with the Acquisition of CloudSploit

Aqua also deepens its VM Security capabilities for comprehensive cloud workload protection

BOSTON – November 12, 2019 Aqua Security, the leading platform provider for securing container-based, serverless, and cloud native applications today announced its expansion into cloud security posture management (CSPM) with its acquisition of CloudSploit.
CloudSploit’s SaaS-based platform allows customers to monitor their public cloud accounts within minutes, providing visibility to their entire estate of cloud resources, and reduce threats due to misconfiguration and vulnerabilities. CloudSploit automatically manages cloud security risk and benchmarks against industry standards to ensure compliance and has garnered impressive adoption among enterprise customers.

“We are excited to add CloudSploit to Aqua’s cloud-native security portfolio,” said Dror Davidoff, CEO of Aqua Security. “Aqua protects the world’s largest cloud native environments; with CloudSploit our customers can now continuously monitor and manage their cloud security posture across their multi-cloud infrastructures.”

CloudSploit continues Aqua’s investment in the open source community. Co-founded by Matthew Fuller and Josh Rosenthal, CloudSploit was built on open source foundations and has benefited from the contribution of cloud users and experts since its inception in 2015. The SaaS platform addresses real-world threat scenarios and configuration challenges of enterprise users who are continually monitoring their environments to ensure their adherence to best practices and compliance. CloudSploit is the second open source investment by Aqua since August, when the company announced its acquisition of Trivy Vulnerability Scanner.

Aqua can now address both Container Security and Cloud Security Posture Management (CSPM). These are two of the top 10 security projects named in Gartner’s Top 10 Security Projects for 2019 report¹.

In its Market Guide for Cloud Workload Protection Platforms, Gartner also notes that: “With the growing complexity of cloud-based configurations, complete protection strategies will require a CSPM to ensure continuous, correct and compliant cloud configuration and identification of excessive risk.”²

Aqua has also added significant new capabilities to its Cloud Native Security Platform (CSP), deepening protection of virtual machines. Aqua CSP now protects VMs for complete cloud workload protection. Aqua’s VM security solution delivers file integrity monitoring, machine image assurance, network discovery and micro-segmentation to hosts for full visibility of infrastructure and application threats. Organizations can now protect their cloud native workloads from a single control plane for improved visibility and efficient remediation.
With the addition of CloudSploit and VM Security, Aqua’s customers can more effectively manage risk and protect against threats for their multi-cloud environments across the full application stack, from infrastructure, application workloads and code. To learn more about CloudSploit by Aqua please visit our CloudSploit page, and for additional information on Aqua’s VM Security solution, visit our Cloud VM page.

Join us for our webinar on December 12th to learn more about CloudSploit:

¹Gartner “Top 10 Security Projects for 2019,” Brian Reed, et al, 11 February 2019
²Gartner “Market Guide for Cloud Workload Protection Platforms,” Neil MacDonald, 8 April 2019

Gartner Disclaimer
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

About Aqua Security
Aqua Security helps enterprises secure their cloud native applications from development to production, whether they run using containers, serverless, or virtual machines. Aqua bridges the gap between DevOps and security, promoting business agility and accelerating digital transformation. Aqua’s Cloud Native Security portfolio provides full visibility and security automation across the entire application lifecycle and infrastructure, using a modern zero-touch approach to detect and prevent threats while simplifying regulatory compliance. Aqua customers include some of the world’s largest financial services, software development, internet, media, hospitality and retail companies, with implementations across the globe spanning a broad range of cloud providers and on-premise technologies. For more information, visit or follow us on