Aqua Security announced its new Lightning Enforcer to stop zero-day attacks and shield critical vulnerabilities in production until a patch can be applied. With its new eBPF technology, Aqua's Lightning Enforcer provides total visibility into running workloads and allows security professionals to quickly and easily identify and stop the most advanced attacks in real time.
While "shift left" security is a key piece in preventing vulnerabilities, misconfigurations, and supply chain threats from reaching production environments, sometimes it's not enough. This has led to a vast increase in the number of zero-day vulnerabilities that are exploited at runtime. On average, a new "in the wild" exploit is discovered every 17 days. These incidents emphasize the criticality of runtime protection and that simple scanning isn't enough.
"Last year we saw the highest number of zero-days in history," said Amir Jerbi, CTO and co-founder at Aqua. "As organizations around the globe strengthen their cybersecurity measures, threat actors are seeking out new attack vectors to evade detection such as the identification and exploitation of previously unknown vulnerabilities. To combat this growing threat, Aqua is bringing to market an easy, safe solution for security teams to broadly deploy runtime security and prevent zero-days."
While snapshot-based scanning of workloads provides fast and low-friction visibility, recent data from Aqua Nautilus shows that risks increase significantly when relying exclusively on snapshot scanning of running workload images. In the past three months, the Aqua Nautilus research team saw that in one third of those cases, no file was written to disk or no attack executed from memory, which means those techniques could evade detection with a purely agentless solution.
Aqua Lightning Enforcer Powered by eBPF
eBPF is a revolutionary technology with origins in Linux that can run sandboxed programs in an operating system kernel. It is used to extend the capabilities of the kernel safely and efficiently without changing kernel source code or loading kernel modules. With eBPF's flexibility, it is now possible to achieve kernel-level visibility without compromising execution efficiency or safety.
The benefits of the Aqua Lightning Enforcer include:
- First and last line of defense against zero-day attacks.
- Frictionless threat detection at the kernel level without the workload instability often found with traditional agents.
- Advanced malware detection helps meet regulatory mandates and compliance requirements.
- Small footprint and resource consumption.
- Application-agnostic deployment across all workloads.
The Full Suite of Runtime Protection to Stop Real-time Attacks
Aqua is the only vendor that provides a full suite of runtime options, and Lightning rounds out Aqua's levels of protection. With three tiers of runtime protection, customers can balance speed and ease-of-use with the level of protection they need. Aqua offers Cloud Workload Scanning for the easiest and quickest snapshot security, Lightning Enforcer for a higher level of security and quick value with little-to-no configuration, and full-agent custom mode for the most technical teams who require the most advanced security.
Aqua's detection of anomalous behavior goes beyond only point-in-time snapshots and catches malicious behavior of known and unknown threats in real time. This includes both known vulnerabilities and zero-day exploits that have yet to be disclosed. Aqua's Runtime Protection was built based on ongoing threat intelligence feeds from Aqua Nautilus, which detects and analyzes 80,000 attacks a month using Aqua's open source eBPF-based threat detection engine, Aqua Tracee. The result is real-time visibility that alerts customers the moment an attacker breaches a running workload, reducing attackers' dwell time from months to milliseconds.
"Other security vendors are recognizing that agentless simply can't deliver holistic cloud security," said Jerbi. "Aqua has offered an agent-based solution since day one. We've incorporated years of innovation and research into our new Lightning Enforcer, allowing organizations to benefit from active protection that is simple and frictionless, complemented by Aqua's agentless scanning."