Securing K8s Apps on Google Cloud Platform
Aqua provides full lifecycle security for cloud native applications running on Google Cloud Platform, including automated deployment on GKE via the GCP Marketplace.
Get Aqua on the GCP MarketplaceThe Aqua Container Security Platform (CSP) works seamlessly on Google Cloud Platform, integrating with its container services, as well as with Google’s Cloud Security Command Center (SCC) to deliver container-level alerts that help security teams gather data, identify threats and take immediate action before they result in business damage or loss.
Secure Kubernetes apps with our pay-as-you-go solution
Deploy Aqua’s native solution for GKE Kubernetes apps directly from the GCP Marketplace, and pay only for the nodes that you protect while they’re running.
Security for Google Kubernetes Engine (GKE) Deployments
Provide zero-configuration security for GKE deployments from development to production, enforcing consistent security policy and least privileges principle across the board.
Centralized Visibility and
Real-Time Detection
Aqua integrates with Google’s Cloud Security Command Center to provide single pane-of-glass visibility into security and compliance-related events.
Cloud Security Posture Management (CSPM)
Ensure that your Google Cloud accounts and services are configured according to best practices, including the CIS Foundation Benchmark for Google Cloud. Continuously scan hundreds of settings for risks and monitor events for anomalies. Automatically create and retain compliance reports for PCI, HIPAA and more.
Cloud VM Security and Compliance
Protect workloads running on Google Compute Engine instances and ensure they are properly hardened. Scan for vulnerabilities and malware, apply File Integrity Monitoring (FIM), check configuration against the CIS Benchmark for Linux, and monitor user access and activity. Create command-level audit trail for compliance and forensics.
Image Vulnerability Scanning & Assurance
Prevent unauthorized images from running in your GKE environment. Continuously scan images stored in Google Container Registry (GCR) to ensure that DevOps teams do not introduce vulnerabilities, bad configurations, malware, or secrets into container images. Get actionable recommendations for remediation of security issues.
Runtime Protection
Aqua works seamlessly with Google Kubernetes Engine (GKE) to prevent unvetted containers from running, and prevent approved containers from performing unauthorized actions. It automatically learns container behavior and ensures that containers only do what they are supposed to do in the application context. It detects and prevents activities that violate policy, defending against container-specific attacks.
Secrets Management
Leverage 3rd party vaults, including HashiCorp Vault and CyberArk EPV, to securely deploy secrets (passwords, keys and tokens) to containers in runtime. Aqua makes it easy to manage, rotate, and revoke secrets in containers with no downtime, running only in memory without persistence on disk.
Visibility for Compliance and Security
Aqua integrates with 3rd party SIEM and security management tools, including Google’s Cloud Security Command Center (SCC) to provide single-pane-of-glass visibility into security and compliance-related events, and policy management for container security monitoring and policy violation detection.
Aqua support for Google Grafeas
Aqua supports Google Grafeas, providing image vulnerability results to Grafaes.
We are constantly developing new solutions to ensure customers are armed with the tools needed to combat today's security challenges, with new container runtime security capabilities in Cloud SCC, and technical integrations such as with Aqua Security, we are giving customers the tools they need to protect containers.
Andy ChangProduct Manager, Google Cloud
