Aqua Cloud Native Application Protection Platform

I have been testing various solutions to ensure which one is the best fit to protect data, applications, and infrastructure in cloud environments. We are distributors in Turkey, focusing on promoting cost-effective security solutions in the market. When engaging with enterprise clients, particularly in the financial sector such as banks, I emphasize the importance of robust security measures. During customer visits, they express a keen interest in technical support and want demonstrations of software source code management, security support for software chains, and workflow protection.

The most crucial aspect is runtime protection, specifically image scanning before preproduction and deployment. Customers find it invaluable to have the ability to check for vulnerabilities in an image before deployment, similar to a sandbox environment. This feature ensures that customers can identify any potential issues with the image, such as misconfigurations or vulnerabilities, before integrating it into their workloads and infrastructure. In their source pipeline, companies can identify issues before deploying changes. This is crucial because customers prefer resolving any problems or misconfigurations before the deployment process. Software change security, including GSPM Cloud, is a key feature customers seek in their infrastructure.

There's room for improvement, particularly in management capabilities as it may not be comprehensive enough for all customers, and it has been lacking in the realm of cloud security posture management. Another challenge lies in the difficulty and complexity of the installation process. Deploying core components is not straightforward; it poses challenges that need to be addressed.

I have been using it for eight months.

I would rate its stability capabilities seven out of ten. Upon opening the dashboards and navigating to VM, there are instances where I can't see the information.

It excels in scalability, and it stands out as a particularly flexible and complex solution. This flexibility contributes to its superior scalability compared to other solutions like Prisma Cloud, which is notably less scalable. I would rate it eight out of ten.

The technical support is highly responsive and exceptionally helpful. When I report an issue, they address it promptly and efficiently. I would rate it ten out of ten.

Positive

The initial setup is complex.

The deployment time is quite lengthy. For instance, if you're integrating into the supply chain, the process demands more time, potentially spanning several days. Installing components like source code management and workflow protection is particularly challenging. This difficulty is intertwined with the infrastructure, determining how many workloads can be accommodated. In a smaller environment, installation might be feasible, say, between two to three hosts. However, challenges persist, such as the inability to install GitHub  due to the absence of a connector. Despite efforts, connecting with other platforms like Scenic proves troublesome, unlike the seamless connection experience with NetApp.

It comes at a reasonable cost. When compared to Prisma Cloud, it is more budget-friendly.

This is an excellent solution, particularly for countries with stringent regulations like Turkey, Vietnam, and Russia. In these regions, high-level enterprise customers, driven by regulatory constraints, often refrain from using cloud accounts such as AWS  and Google Cloud . Aqua provides a fulfilling on-premises solution, which is highly valuable. Overall, I would rate it nine out of ten.

I'm using it for workload protection. So, in most cases, for protecting containers, verifying Kubernetes configurations, cloud configurations, and identifying security misconfigurations, vulnerabilities, and risks.

I use it to demonstrate to customers because I'm a sales engineer. Many customers want to protect their workloads and applications. 

For example, when I am using a Docker image with multiple vulnerabilities, I need to know which vulnerabilities are inside. Then I create security policies to allow or deny the deployment of containers from this image and also create a security policy for runtime. This way, when the application is running in the wild, we can guarantee that the security blocks any kind of exploitation.

There are many features that I really like. For example, the runtime policies are very easy to configure, and they are scalable across all environments. The DTA, which stands for Dynamic Threat Analysis, allows me to analyze Docker images in a sandbox environment before deployment, helping me anticipate risks.

The user interface could be improved, especially in terms of organization and clarity. Additionally, more comprehensive examples for deployments and feature usage would be helpful.

Maybe more plugins or something that makes it easier to integrate with CICD pipelines or interact with APIs.

I've been using it for about three years. I'm using the SaaS version.

I would rate the stability an eight out of ten.

It is a scalable solution. I would rate the scalability a ten out of ten. 

The customer service and support are good. 

Positive

The initial setup was very straightforward.

For me, it's a fair price.

I would definitely recommend using the solution. It's a very scalable solution with multiple features that help us protect our cloud environment effectively.

Overall, I would rate the solution a nine out of ten.