Aqua News Aqua Security Introduces Native Runtime Protection for Pivotal Cloud Foundry

Expansion of the Aqua-Pivotal collaboration delivers comprehensive security for application development and production environments on PCF

BOSTON – July 30, 2019 Aqua Security, the leading platform provider for securing container-based and cloud native applications, announced today the public release of Aqua Security’s runtime protection for Pivotal Cloud Foundry ® (PCF) . Users of Pivotal’s platform can download and install the Aqua Security for PCF service from Pivotal Services Marketplace, and deploy an end-to-end solution for scanning, application assurance and runtime protection for their application workloads.

PCF includes a widely deployed distribution of Cloud Foundry Application Runtime (CFAR) and allows customers to implement the same application platform on any major vendor’s cloud, on premises or in a hybrid model.

“No matter where they began their journey with Pivotal, enterprises routinely begin pushing code into production faster and more frequently with our platform. Therefore, application security checks must be accessible within the deployment pipeline in order to scale safety and compliance,” said Angus MacDonald, GM Technology Ecosystem at Pivotal. “Solutions such as Aqua provide the automation and controls necessary. Together, we hope to make the task of implementing end-to-end security simpler for our customers.”

Aqua Security for PCF is offered in two tiers – standard and advanced protection.  The standard tier allows users to:

  • Scan their applications for vulnerabilities during the Continuous Integration process
  • Provision policies to block unauthorized applications during the staging phase
  • Scan and monitor application or container artifacts for vulnerabilities, malware, and user activity
  • Apply host assurance policies for application or container artifacts

Aqua’s advanced protection tier includes all of the standard features with an added layer of security, allowing users to:

  • Detect and block unapproved changes to running application workloads
  • Monitor and control application activity based on customized policies
  • View application network connections and apply firewall rules that whitelist authorized connections
  • Leverage granular audit trails of access activity, scan events and coverage, application activity and system events

Aqua Security for PCF installs natively as a Buildpack (containing the languages, runtimes, libraries, and services used by the app), and the advanced runtime protection component is implemented as a Bosh add-on, protecting all Pivotal Application Service apps without requiring any manual changes or individual re-deployments of Aqua per application.

Since introducing scanning for Pivotal Cloud Foundry last year, we have seen tremendous interest in the PCF platform at some of our largest customers”, said Upesh Patel, VP of Business Development for Aqua.  “As they progressed in their application rollouts, they are now looking to protect their production-grade applications as well, and we are pleased to deliver the complete Aqua solution for Pivotal Cloud Foundry today.”

Pivotal customers can get Aqua Security for PCF directly from the Pivotal services marketplace.


Support for PCF is available now as part of the Aqua CSP v4.2 release.

About Aqua Security

Aqua Security helps enterprises secure their cloud native, container-based and serverless applications from development to production. Aqua bridges the gap between DevOps and security, promoting business agility and accelerating digital transformation. Aqua’s Cloud Native Security Platform provides full visibility and security automation across the entire application lifecycle, using a modern zero-touch approach to detect and prevent threats while simplifying regulatory compliance. Aqua customers include some of the world’s largest financial services, software development, internet, media, hospitality and retail companies, with implementations across the globe spanning a broad range of cloud providers and on-premise technologies. For more information, visit or follow us on