Aqua Platform
Aqua Security's CNAPP, from one of the earliest dedicated container security vendors, covering the workload lifecycle from image and registry scanning through admission control to runtime protection with drift prevention that blocks anything not present in the original image. The open-source Trivy scanner Aqua maintains also powers parts of the commercial platform.
Verified Source: 1
- Product type
- Software
- Deployment
- SaaSOn-premAgent
- Organization size
- Mid-marketEnterprise
- Pricing tier
- $$
Capability checklist
How Aqua Platform measures up against the full Container & Kubernetes Security taxonomy.
- Container image scanning — supported
- Scans container images for vulnerabilities and exposed secrets before deployment.
- Runtime threat detection — supported
- Detects anomalous process and system-call behavior in running containers.
- Kubernetes posture management (KSPM) — supported
- Flags misconfigured cluster settings, RBAC, and pod security policies.
- Admission control — supported
- Blocks noncompliant workloads from being deployed to the cluster in the first place.
- Runtime response actions — supported
- Kills, isolates, or quarantines a compromised container or pod.
- Registry scanning — supported
- Continuously rescans image registries for newly disclosed vulnerabilities.
Alternatives
Other Container & Kubernetes Security tools with overlapping capabilities, sized for similar teams.