Aqua Security has launched version 4.0 of the Aqua cloud-native security platform. The latest version brings new security and compliance controls to serverless functions and Linux hosts.
As the company puts it, Aqua 4.0 includes a full chain of controls to discover functions across multiple cloud accounts, scan them for vulnerabilities, detect excessive permissions and configuration issues, and provide function assurance – preventing the execution of untrusted or high-risk functions based on defined policies.
The key controls for serverless environments include functions discovery, vulnerability scanning, CI/CD integration, permissions assessment, sensitive data assessment, function assurance and function anomaly detection.
Another addition to the Aqua platform is tighter controls to secure the Linux hosts that run containers. This takes care of potential risks from vulnerabilities such as the one discovered earlier this year when a severe new vulnerability (CVE-2019-5736) was disclosed in runc.
The company said it will make available Aqua CSP v4.0 in mid-March for both existing customers and new deployments.