Full Lifecycle Security for Azure Container Workloads

Protect your pipeline on Azure DevOps, and protect your applications running on AKS, ACI, ACA, and Windows Containers

The Aqua platform works seamlessly on Azure Container Service, integrating with Azure Container Registry (ACR), Azure Container Instances (ACI), Azure Container Apps (ACA), and on both Docker and Windows container formats. In addition, Aqua provides a native plug-in for Azure DevOps (formerly VSTS), enabling developers to automate security testing into their CI/CD pipeline.

Automated full-stack security for Azure AKS

Provide zero-configuration security for AKS deployments from development to production, enforcing consistent security policy and least privileges principle across the board.

Protect containers running on Azure Container Instances (ACI) and Azure Container Apps (ACA)

Aqua MicroEnforcer injects security controls into containers, making it possible to monitor and enforce policy in this serverless environments.

Protect Azure Functions

Assess the risk of Azure Functions by discovering vulnerabilities and sensitive data in function’s code and its environment variables. Prevent execution of functions that violate your organization’s security policy.

Aqua's Full Lifecycle Security Solution for Azure Containers and Azure Functions

CSPM
Cloud VM Security & Compliance
Automate Security
Runtime Protection
Serverless Risk Assessment
Secrets Management
Compliance & Forensics Visibility

Cloud Security Posture Management (CSPM)

Ensure that your Azure accounts and services are configured according to best practices, including the CIS Foundation Benchmark for Azure. Continuously scan hundreds of settings for risks and monitor events for anomalies. Automatically create and retain compliance reports for PCI, HIPAA and more.

Cloud VM Security and Compliance

Protect workloads running on Azure Virtual Machine instances and ensure they are properly hardened. Scan for vulnerabilities and malware, apply File Integrity Monitoring (FIM), check configuration against the CIS Benchmark for Linux, and monitor user access and activity. Create command-level audit trail for compliance and forensics.

Blog

Cloud VM Security with Aqua CSP

Automate Security in the CI/CD Pipeline

Automated security into your CI/CD pipeline, including Aqua native plug-in for Azure DevOps (formerly Visual Studio Team Services), to prevent the introduction of vulnerabilities, bad configurations, or secrets into container images. Aqua continuously monitors Azure Container Registry (ACR) to ensure that no new vulnerabilities are present in stored images.

Get Aqua Scanner from the Visual Studio Marketplace to scan images and functions directly in Azure DevOps

Runtime Protection

Aqua works seamlessly with Azure AKS, Azure Container Instances (ACI), and Azure Container Apps (ACA) to prevent unvetted containers from running. It automatically learns container behavior and ensures that containers only do what they are supposed to do in the application context. It detects and prevents activities that violate policy, defending against container-specific attacks.

Solution Brief

Aqua Security for Azure Container Service and Windows Containers

Download Solution Sheet

Serverless Function Risk Assessment and Mitigation

Continuously scan Azure functions to ensure that developers don’t introduce vulnerabilities into function code, or leave sensitive data (keys and tokens) unencrypted in code or in environment variables. Define security policies for Azure Functions and alert on or prevent the execution of functions that violate policy.

Blog

Serverless Security: The Importance of FaaS Risk Assessment

Serverless Function Risk Assessment and Mitigation

Secrets Management

Leverage Azure Key Vault and other secrets store to securely deploy secrets, such as passwords, keys and tokens – into containers in runtime. Aqua makes it easy to manage, rotate, and revoke secrets in containers with no downtime, running only in memory without persistence on disk.

Visibility for Compliance and Forensics

Aqua integrates with 3rd party analytics and SIEM tools including Microsoft OMS to provide single pane-of-glass visibility into security and compliance-related events, with a granular audit trail of container activities.

We strive to make the Azure Container Service as secure as possible, and empower our customers to use best practices and advanced 3rd party solutions with zero friction. We’re thrilled to partner with Aqua to make this possible for image security in ACR.

Steve Lasker
Principal Program Manager at Microsoft

The 10 Most Common Azure Configuration Challenges

In this white paper, we share the 10 most common Azure configurations that may challenge your security posture. It provides the basis for understanding how to configure the public cloud services for Microsoft Azure - a critical first step.

View the Whitepaper

Need to secure enterprise workloads?

Aqua Cloud Native Application Protection Platform (CNAPP)

Go cloud native with the experts!

Get Demo

Aqua Security

Aqua Security is the pioneer in securing containerized cloud native applications from development to production. Aqua's full lifecycle solution prevents attacks by enforcing pre-deployment hygiene and mitigates attacks in real time in production, reducing mean time to repair and overall business risk. The Aqua Platform, a Cloud Native Application Protection Platform (CNAPP), integrates security from Code to Cloud, combining the power of agent and agentless technology into a single solution. With enterprise scale that doesn’t slow development pipelines, Aqua secures your future in the cloud. Founded in 2015, Aqua is headquartered in Boston, MA and Ramat Gan, IL protecting over 500 of the world’s largest enterprises.

Use Cases

Environments

Partners

Products

Get Started