Securing K8s Apps on Google Cloud Platform
The Aqua Container Security Platform (CSP) works seamlessly on Google Cloud Platform, integrating with its container services, as well as with Google’s Cloud Security Command Center (SCC) to deliver container-level alerts that help security teams gather data, identify threats and take immediate action before they result in business damage or loss.
Deploy Aqua’s native solution for GKE Kubernetes apps directly from the GCP Marketplace, and pay only for the nodes that you protect while they’re running.
Deploy Aqua’s native solution for GKE Kubernetes apps directly from the GCP Marketplace, and pay only for the nodes that you protect while they’re running.
Provide zero-configuration security for GKEdeployments from development to production, enforcing consistent security policy and least privileges principle across the board.
Aqua integrates with Google’s Cloud Security Command Center to provide single pane-of-glass visibility into security and compliance-related events.
Image Vulnerability Scanning & Assurance
Prevent unauthorized images from running in your GKE environment. Continuously scan images stored in Google Container Registry (GCR) to ensure that DevOps teams do not introduce vulnerabilities, bad configurations, malware, or secrets into container images. Get actionable recommendations for remediation of security issues.
Runtime Protection
Aqua works seamlessly with Google Kubernetes Engine (GKE) to prevent unvetted containers from running, and prevent approved containers from performing unauthorized actions. It automatically learns container behavior and ensures that containers only do what they are supposed to do in the application context. It detects and prevents activities that violate policy, defending against container-specific attacks.
Secrets Management
Leverage 3rd party vaults, including HashiCorp Vault and CyberArk EPV, to securely deploy secrets (passwords, keys and tokens) to containers in runtime. Aqua makes it easy to manage, rotate, and revoke secrets in containers with no downtime, running only in memory without persistence on disk.
Visibility for Compliance and Security
Aqua integrates with 3rd party SIEM and security management tools, including Google’s Cloud Security Command Center (SCC) to provide single-pane-of-glass visibility into security and compliance-related events, and policy management for container security monitoring and policy violation detection.
Aqua support for Google Grafeas
Aqua supports Google Grafeas, providing image vulnerability results to Grafaes.