Aqua Security allows us to check for vulnerabilities in the CI/CD pipeline, so application teams can remediate issues before going into production.

Until now, we didn't have vulnerability management for our Docker images. We tried to use Docker Hub for the vulnerability, but it wasn't suitable, and I'm not sure if it is even supported today. We needed a way to understand which images are vulnerable and which are not, and to do so automatically. Aqua gives us the ability to automatically scan those images, to schedule jobs to trigger scans, and get the vulnerabilities for the Docker images so we can track them, and understand what we need to patch and where to patch.

It definitely saves us time. We didn't really have a way to do it before. It's basically impossible to do it manually when you have a fleet of Docker images. You have to have some third-party service for scanning.

Aqua improved our application security. It has given us visibility into the vulnerability of those images.

I use it to demonstrate to customers because I'm a sales engineer. Many customers want to protect their workloads and applications. 

For example, when I am using a Docker image with multiple vulnerabilities, I need to know which vulnerabilities are inside. Then I create security policies to allow or deny the deployment of containers from this image and also create a security policy for runtime. This way, when the application is running in the wild, we can guarantee that the security blocks any kind of exploitation.

Based on the rollout, we were able to gain pretty fast visibility into what was going on in our environment and integrate with existing automation and logging solutions we had in place. We were able to create detections and integrate as well with our existing security infra.

Previously, we had no visibility into the inner platform that was being operated. We didn't know the vulnerabilities the container images introduced, we didn't know how they were behaving at runtime. We were not able to restrict things as far as access goes, as far as the amount of risk we wanted to take with containers. Aqua Security allowed us to gain visibility into the vulnerabilities that were present in the container images, that were being rolled out - the amount of risk that we were introducing to the platform - and provided us a look into the container environment by introducing access control mechanisms. In addition, when it came to runtime-level policies, we could restrict container access to resources in our environment, such as network-level or other application-level access.

We were able to define policies around containers so we could enforce our rules and restrictions to provide a more secure environment.

We use Aqua Security across the software development lifecycle.