Aqua Security acquires CloudSploit to expand into CSPM

Aqua Security, the leading platform provider for securing container-based, serverless, and cloud native applications announced its expansion into cloud security posture management (CSPM) with its acquisition of CloudSploit.

CloudSploit’s SaaS-based platform allows customers to monitor their public cloud accounts within minutes, providing visibility to their entire estate of cloud resources, and reduce threats due to misconfiguration and vulnerabilities.

CloudSploit automatically manages cloud security risk and benchmarks against industry standards to ensure compliance and has garnered impressive adoption among enterprise customers.

“We are excited to add CloudSploit to Aqua’s cloud-native security portfolio,” said Dror Davidoff, CEO of Aqua Security. “Aqua protects the world’s largest cloud native environments; with CloudSploit our customers can now continuously monitor and manage their cloud security posture across their multi-cloud infrastructures.”

CloudSploit continues Aqua’s investment in the open source community. Co-founded by Matthew Fuller and Josh Rosenthal, CloudSploit was built on open source foundations and has benefited from the contribution of cloud users and experts since its inception in 2015.

The SaaS platform addresses real-world threat scenarios and configuration challenges of enterprise users who are continually monitoring their environments to ensure their adherence to best practices and compliance. CloudSploit is the second open source investment by Aqua since August, when the company announced its acquisition of Trivy Vulnerability Scanner.

Aqua can now address both Container Security and Cloud Security Posture Management (CSPM). These are two of the top 10 security projects named in Gartner’s Top 10 Security Projects for 2019 report.

In its Market Guide for Cloud Workload Protection Platforms, Gartner also notes that: “With the growing complexity of cloud-based configurations, complete protection strategies will require a CSPM to ensure continuous, correct and compliant cloud configuration and identification of excessive risk.”

Aqua has also added significant new capabilities to its Cloud Native Security Platform (CSP), deepening protection of virtual machines. Aqua CSP now protects VMs for complete cloud workload protection.

Aqua’s VM security solution delivers file integrity monitoring, machine image assurance, network discovery and micro-segmentation to hosts for full visibility of infrastructure and application threats.

Organizations can now protect their cloud native workloads from a single control plane for improved visibility and efficient remediation.

With the addition of CloudSploit and VM Security, Aqua’s customers can more effectively manage risk and protect against threats for their multi-cloud environments across the full application stack, from infrastructure, application workloads and code.