Aqua Cloud Security Posture Management (CSPM)

Scan, monitor and remediate configuration issues in public cloud accounts according to best practices and compliance standards, across AWS, Azure, Google Cloud, and Oracle Cloud.

Multi-Cloud visibility

Rapid Remediation

CSPM + Cloud Native Security

Gain visibility into your risk and compliance posture across cloud accounts

Aqua CSPM continually audits your cloud accounts for security risks and misconfigurations across hundreds of configuration settings and compliance best practices, enabling consistent, unified multi-cloud security.

Fix configuration errors before they’re exploited

Aqua provides self-securing capabilities to ensure your cloud accounts don’t drift out of compliance. Get detailed, actionable advice and alerts, or choose automatic remediation of misconfigured services with granular control over chosen fixes.

Read about Self-Securing Infrastructure

Implement CSPM to bolster your cloud native security

Apply consistent policies across all your cloud native deployments, combining cloud workload protection for VMs, containers, and serverless, with cloud infrastructure best practices for full-stack security.

Aqua CSPM Editions

SaaS

Aqua CSPM is the comprehensive solution for multi-cloud security posture management. Try it now on our SaaS Platform

Plans & Pricing Start Free

Open Source

Secure the configuration of individual public cloud services with CloudSploit, the core plugin engine behind Aqua CSPM.

View on GitHub

The Essential Guide to CSPM (Cloud Security Posture Management)

The rapid pace of cloud change, combined with multi-cloud architectures and growing compliance requirements, make the cloud environment increasingly complex and mistakes almost inevitable. A single misconfiguration in one service can quickly escalate to a serious security issue. With data breaches now becoming the norm, organizations need a novel and comprehensive approach to tackle cloud security challenges.

Get the Guide to CSPM

CIS Benchmark Auditing
Auto-Remediation
IaC Scanning
Compliance Reporting
Control Plane Monitoring
Open Source Architecture

Continuous CIS Benchmark Auditing

Get reports mapped to and certified by the Center for Internet Security (CIS) Foundation Benchmark tests for public clouds, to evaluate the security of your cloud accounts and ensure compliance.

Auto-Remediation for Self-Securing Infrastructure

Select configurations to be automatically fixed if they drifted out of policy by granting specific and temporary authenticated access for each selected check.

Blog

Achieving a Self-Securing Infrastructure in Public Clouds

Read the Blog

Infrastructure-as-Code Template Scanning

Check Terraform and AWS CloudFormation templates for security issues before your applications are deployed. Applying “shift left” security reduces your risk and security incidents in production.

Blog

Achieving a Self-Securing Infrastructure in Public Clouds

Read the Blog

Extensive Compliance Reporting

Use ready-made scans and reports for PCI-DSS, HIPAA, Well-Architected Framework, GDPR, and for custom compliance requirements. Your reports can be by region, cloud provider service category (e.g., AWS EC2, AWS S3), severity level, etc. Export as CSV or PDF. You can also build your own customized alerts for specific types of checks and conditions.

Real-Time Control Plane Events Monitoring

Gain visibility into all your cloud control-plane API calls in real time. Analyze events for security-sensitive changes or potentially malicious activity, based on out-of-the-box rules created by security experts, with no additional configuration required.

Built for Enterprise Scale

Support for multiple users and teams across hundreds of cloud accounts with SSO using SAML 2.0. Aqua CSPM integrates with SIEM and collaboration tools, including Splunk, Slack, OpsGenie, PagerDuty, Microsoft Teams, and more. Fully documented RESTful APIs make it easy for you to create additional integrations and automate workflows.

Extensible Open Source Architecture

At its core, Aqua’s CSPM offering is based on our CloudSploit open source project. Open source provides full transparency into why, what, and how your cloud accounts are tested. With its extendable plugin architecture, you can also develop new or update existing plugins to address any emerging or customer-specific requirements.

Get CloudSploit by Aqua

Cloud Security Report: Cloud Configuration Risks Exposed

This report summarizes 12 months of anonymized cloud service configuration data from real production environments observed by Aqua Security. The data outlines the configuration challenges faced by teams that use cloud service accounts for their applications.

View the Cloud Security Report

Explore More

Whitepaper

The Essential Guide to Cloud Security Posture Management (CSPM)

Download the Whitepaper

Case Study

A CloudSploit Case Study:
Trek10's Three AWS Cloud Security Concerns
& One Solution

Solution Sheet

Aqua Dynamic Threat Analysis (DTA) for Aqua CSPM

Download Solution Sheet

Developer, Team, Advanced, Premier

Choose the right size plan for your business

Aqua Plans & Pricing

The fastest track to secure cloud native

Aqua SaaS: Cloud native security as-a-service

Get Started

Aqua Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and accelerate their digital transformations. The Aqua Platform is the leading Cloud Native Application Protection Platform (CNAPP) and provides prevention, detection, and response automation across the entire application lifecycle to secure the supply chain, secure cloud infrastructure and secure running workloads wherever they are deployed. Aqua customers are among the world’s largest enterprises in financial services, software, media, manufacturing and retail, with implementations across a broad range of cloud providers and modern technology stacks spanning containers, serverless functions and cloud VMs.