Download PDF version Contact company

Aqua Security, the pure-play cloud-native security provider announced its new Lightning Enforcer to stop zero-day attacks and shield critical vulnerabilities in production until a patch can be applied.

With its new eBPF technology, Aqua’s Lightning Enforcer provides total visibility into running workloads and allows security professionals to quickly and easily identify and stop the most advanced attacks in real time.  

Zero-day vulnerabilities

While “shift left” security is a key piece to prevent vulnerabilities, misconfigurations, and supply chain threats from reaching production environments, sometimes it’s not enough. This has led to a vast increase in the number of zero-day vulnerabilities that are exploited in runtime.

On average, a new "in the wild" exploit is discovered every 17 days. These incidents emphasise the criticality of runtime protection and that simple scanning isn't enough.

Easy, safe solution

Threat actors are seeking out new attack vectors to evade the detection of previously unknown vulnerabilities"

Last year we saw the highest number of zero-days in history,” said Amir Jerbi, CTO and co-founder at Aqua. “As organisations around the globe strengthen their cybersecurity measures, threat actors are seeking out new attack vectors to evade detection such as the identification and exploitation of previously unknown vulnerabilities."

"To combat this growing threat, Aqua is bringing to market an easy, safe solution for security teams to broadly deploy runtime security and prevent zero-days.

Agentless solution

While snapshot-based scanning of workloads provides fast and low-friction visibility, recent data from Aqua Nautilus shows that risks increase significantly when relying exclusively on snapshot scanning of running workload images.

In the past three months, the Aqua Nautilus research team saw that in one-third of those cases, no file was written to disk or no attack executed from memory, which means those techniques could evade detection with a purely agentless solution.

Aqua Lightning Enforcer powered by eBPF

eBPF is a revolutionary technology with origins in Linux that can run sandboxed programs in an operating system kernel. It is used to safely and efficiently extend the capabilities of the kernel without changing kernel source code or loading kernel modules.

With eBPF’s flexibility, it is now possible to achieve kernel-level visibility without compromising execution efficiency or safety. The benefits of the Aqua Lightning Enforcer include: 

  • First and last line defence against zero-day attacks. 
  • Frictionless threat detection at the kernel level without the workload instability often found with traditional agents.
  • Advanced malware detection helps meet regulatory mandates and compliance requirements. 
  • Small footprint and resource consumption. 
  • Application-agnostic deployment across all workloads. 

The full suite of runtime protection

With three tiers of runtime protection, customers can balance speed and ease of use

Aqua is the only vendor that provides a full suite of runtime options, and Lightning rounds out Aqua’s levels of protection. With three tiers of runtime protection, customers can balance speed and ease of use with the level of protection they need.

Aqua offers Cloud Workload Scanning for the easiest and quickest snapshot security, Lightning Enforcer for a higher level of security and quick value with little-to-no configuration, and full-agent custom mode for the most technical teams who require the most advanced security. 

Aqua Tracee

Aqua’s detection of anomalous behaviour goes beyond only point-in-time snapshots and catches malicious behaviour of known and unknown threats in real-time this includes both known vulnerabilities and zero-day exploits that have yet to be disclosed.

Aqua’s Runtime Protection was built based on ongoing threat intelligence feeds from Aqua Nautilus, who detect and analyse 80,000 attacks a month using Aqua’s open-source eBPF-based threat detection engine, Aqua Tracee. The result is real-time visibility that alerts customers the moment an attacker breaches a running workload, reducing attackers’ dwell time from months to milliseconds.

Simple and frictionless 

Other security vendors are recognising that agentless simply can’t deliver holistic cloud security,” said Jerbi. “Aqua has offered an agent-based solution since day one." 

"We’ve incorporated years of innovation and research into our new Lightning Enforcer, allowing organisations to benefit from active protection that is simple and frictionless, complemented by Aqua’s agentless scanning.

Download PDF version Download PDF version

In case you missed it

How can manufacturers and integrators mitigate the risks of port forwarding?
How can manufacturers and integrators mitigate the risks of port forwarding?

Port forwarding is a networking technique that allows incoming traffic on a specific port number to be redirected to a particular device or application on a local network. Open por...

ASSA ABLOY's mobile unlocking innovation wins award
ASSA ABLOY's mobile unlocking innovation wins award

ASSA ABLOY’s innovative new mobile access solution has won yet another prestigious industry award. At October’s Detektor International Awards, ABLOY CUMULUS received t...

Milestone enhances Care Plus with XProtect remote manager
Milestone enhances Care Plus with XProtect remote manager

Milestone Systems, a global provider of open-platform video management software (VMS), announced the release of the R2 2024 update to its XProtect platform.  This release int...

Quick poll
What's the primary benefit of integrating access control with video surveillance?