BOSTON, November 1, 2023 – Aqua Security, the pioneer in cloud native security, today announced that it was granted a patent (11762986) for its MicroEnforcer technology to secure serverless containers, sometimes referred to as container-as-a-service (CaaS), environments. The patent was submitted when Aqua first launched this capability in 2018, and it has now been granted.
Serverless containers have become cornerstones of modern cloud native applications, offering unparalleled convenience and scalability. Available through major cloud service providers via services such as AWS Fargate, Azure Container Instances (ACI), and Google Cloud Run, they enable developers and enterprises to focus on building and running applications with a high degree of elasticity and scale, without the complexities of managing cloud VM instances and complex orchestration infrastructure. While the predominant method for providing real-time protection for containers running on Kubernetes nodes is via agents that access the underlying operating system (usually Linux), with serverless containers, this is not possible – they require a different method. Aqua MicroEnforcer has been the pioneering technology to use code embedded into the containers to achieve this.
The patent, described as “a system for securing software containers with embedded agents,” covers the technology and methods used to embed the agent as a new layer, authenticate the container image by matching its cryptographic fingerprint, and control the running container to ensure its integrity and that it does not violate security policies.
“Obtaining this patent validates our commitment to addressing customers’ needs, and it affirms our position as a leader in the cloud native security space,” said Amir Jerbi, CTO and co-founder at Aqua. “Aqua enables its customers to be protected wherever they run, leveraging a single interface. Whether on-prem or virtual machines, or if you’re running Kubernetes in public or private clouds, Red Hat OpenShift, AWS Fargate, Azure, or VMWare Tanzu, Aqua customers can embrace the full spectrum of cloud native technologies without compromising on security.”
Spotnana, a corporate travel-as-a-service platform provider, validates the value of Aqua’s MicroEnforcers for securing serverless containers. “We were building the security function from the ground up and lacked telemetry and protection on our AWS containers. Without forensic evidence of what was happening on those containers, we couldn’t harden runtime, and certainly couldn’t prevent anything from happening at runtime,” says Gabriel Alexandru, Senior Security Engineer, adding that: “Aqua Security had the most comprehensive functionality I’d seen. It not only had full telemetry capabilities, but also hardening functionality that helped us prevent running unknown binaries, cryptomining and much more.”
As part of Aqua’s unified Cloud Native Application Protection Platform (CNAPP), MicroEnforcers provide real-time drift detection and behavioral analytics, ensuring continuous compliance and security throughout the container’s lifecycle. This innovative approach provides workload protection without significant overhead and makes security an integral part of any container’s default configuration. Since launching this capability in 2018, Aqua MicroEnforcer technology has been used by many of Aqua’s Fortune 500 customers to secure millions of running containers.
Visit Aqua’s website to learn more about Aqua’s MicroEnforcer technology and the newly granted patent.
About Aqua Security
Aqua Security sees and stops attacks across the entire cloud native application lifecycle in a single, integrated platform. From software supply chain security for developers to cloud security and runtime protection for security teams, Aqua helps customers reduce risk while building the future of their businesses. The Aqua Platform is the industry’s most comprehensive Cloud Native Application Protection Platform (CNAPP). Founded in 2015, Aqua is headquartered in Boston, MA and Ramat Gan, IL with Fortune 1000 customers in over 40 countries. For more information, visit https://www.aquasec.com.