There's room for improvement, particularly in management capabilities as it may not be comprehensive enough for all customers, and it has been lacking in the realm of cloud security posture management. Another challenge lies in the difficulty and complexity of the installation process. Deploying core components is not straightforward; it poses challenges that need to be addressed.

I don't recall coming across any missing features. 

It's a bit hard to use the user roles. That was a bit confusing. That was from the interface side, the application from which we logged into Aqua. That needs a bit of improving. The admin was a bit confusing. 

I have not witnessed any shortcomings in terms of the product's usability.

The solution could improve user-friendliness.

We would like to see an improvement in the overview visibility that this solution offers.

The runtime security element of this solution could also be improved, in order for it to be more universally usable.

Aqua Security could improve the forwarding of logging into Splunk and into other tools, it should be easier.

In the future, Aqua Security should work on minimizing its footprint because it consumes a lot of resources on the cluster itself. We are receiving a lot of logs out of it, but there was some problem with receiving the events in the right order. It should also concentrate on not only collecting logs but events, traces,  and somehow into the metrics side.

In the next release, Aqua Security should add the ability to automatically send reports to customers.

Something we would like to see is a better way to automatically fetch old Tags from an image. That might be something they have improved. We're not sure if they have added that feature or not yet. It's something that would be a nice-to-have.

Sometimes I got stressed with the UI. It's not a problem, it's just the theme while using the 5.0 version is different from the current version 6.0. 

It could have more security prospects or even offer some kind of add-on for security. 

I'd like to see the IaC vulnerabilities also. We'd like to do vulnerability scans around it. 

Aqua Security lacks a lot in reporting. It provides all the open issues, but no actionable solution is provided. There's no intelligence behind the reporting, so that can be improved. Also, it could be a cheaper solution. However, it is costly because it's a very small market and the first of its kind.

Regarding additional features, we would like to see better log ingestion. For example, if we have an EDR or a SOC, we want the SOC, the cloud and the container security to interact better. That means the cloud should have better ingestion of logs and SOC logs and be able to give more heuristic analysis of security issues rather than just ones and zeros.

The licensing model could be better because it has a scalable container environment. If we're working in a small environment, it is fine, but if we have a large environment, we can't predict the traffic for the day. If the marketing team decides to launch a campaign with high traffic, then we won't have licenses available for all our ports. Therefore, the licensing model needs to be rethought, and we can't have per-port licenses because ports can increase.

The user interface could be improved, especially in terms of organization and clarity. Additionally, more comprehensive examples for deployments and feature usage would be helpful.

Maybe more plugins or something that makes it easier to integrate with CICD pipelines or interact with APIs.

Since we were able to work with them closely and provide suggestions to them, and they would take action right away, we didn't have much else for them to improve on. 

However, perhaps the network visibility side could be improved, although I think they've taken action on that, based on the latest releases. They might have already improved the process on the network visibility aspect.

The integrations on CICD could be improved. If Aqua had more plugins or container images to integrate and automate more easily on CICD, it would be better. An integration with WAF would be very good too.

Aqua Security could provide more open documentation so that their learning resources can be more easily accessed and searched through online. Right now, a lot of the documentation is closed and not available to the public. I would be much happier if they chose to share more documentation and resources when it comes to their knowledge base.

As for extra features that I would like to see, source code scanning is on the top of my list. To be clear, I don't mean code scanning in terms of source code composition, but rather I would like to see more in the way of code analysis that tells you whether the code you're writing adheres to the current best practices or not.

I would like Aqua Security to look into is the development of a web security portal. That is what I want them to look into next.

We work with another Philippine company that will be providing local support, but our company has more traction with the executives of our clientele. We'd rather have the same skillset or improve our skillsets to be trained by our Aqua counterpart. We haven't done any trainings apart from a webinar. Since we are working from home, we would like to have the proper training for Aqua.

They want to release improvements to their product to work with other servers because now there are more focused on the Kubernetes environment. They need to improve the normal servers. I would like to have more options.