Aqua Cloud Security Platform Reviews

The most valuable feature is the on-demand patching. There are times when vulnerabilities don't have available fixes, and Aqua Security allows it to pass the vulnerability in real-time while the fix is being developed.

Their sandboxing service is also really good. When we download an open source tool, we can run it in a sandbox environment and see if there are any back holes or trap doors in the code. However, we don't like that their services are in the US.

Aqua Security lacks a lot in reporting. It provides all the open issues, but no actionable solution is provided. There's no intelligence behind the reporting, so that can be improved. Also, it could be a cheaper solution. However, it is costly because it's a very small market and the first of its kind.

Regarding additional features, we would like to see better log ingestion. For example, if we have an EDR or a SOC, we want the SOC, the cloud and the container security to interact better. That means the cloud should have better ingestion of logs and SOC logs and be able to give more heuristic analysis of security issues rather than just ones and zeros.

The licensing model could be better because it has a scalable container environment. If we're working in a small environment, it is fine, but if we have a large environment, we can't predict the traffic for the day. If the marketing team decides to launch a campaign with high traffic, then we won't have licenses available for all our ports. Therefore, the licensing model needs to be rethought, and we can't have per-port licenses because ports can increase.

We have been using this solution for over a year. It is a managed service and deployed on cloud.

It is a good solution and is stable. Their services are good, and they provide good responses. If there are business-related issues, they will contact you and answer your questions on priority.

Swisslog and Aqua Security work with a very similar pricing model as they have an agent deployed in a cluster that covers all the containers or namespaces in that cluster. Now, if clusters are also scalable, which is the case in containers, the number of licenses consumed increases.

Aqua Security charges per license. So we usually take their licenses in our testing and QA environment. However, we limit it in the production environment because, in QA testing, our environment expands and collapses because developers are testing. So in production, we can forecast how many licenses we may need in the future.

However, if there is no production system, we cannot account for the number of fraud and containers and we will have to pay through the roof for these solutions because they charge for containers per port for every single agent they deploy.

About 20 to 30 people use Aqua Security from the DevOps and security team. They use the solution because they handle the infrastructure and security.

The technical support is good, and they reply on time.

The initial setup was easy.

I rate the price a four out of ten, with one being a high price and ten being a reasonable price. It is a costly solution.

Aqua Security is an on-demand service. Swisslog just launched a product, but it is not as good as Aqua Security in terms of accuracy. Swisslog is integrated with the package and with Aqua Security, you need to pay more for the first scan.

I rate this solution a seven out of ten.

We use Aqua Security for the container security features.

We use Aqua Security across the software development lifecycle.

We find the Docker and Kubernetes support for container security most valuable.

I would like Aqua Security to look into is the development of a web security portal. That is what I want them to look into next.

We have thousands of dedicated users. They are pharmacists, healthcare providers, doctors, insurance companies, etc. They are the end users. On our staff are the administrators.

The technical support is good. Whenever we open a ticket, the people are quite helpful about it.

Setup was initially complex before the 3.9 version. We were on version 3.7 and it has been a challenge compared to version 3.11. Deployment was done once or twice in a week.

We are using an in-house regiment. For deployment, we are using automation.

We used a reseller to provide quality. He's the guy who we bought the license from initially. He managed the implementation.

I would rate this product between 7 and 8 out of 10 for container security features.

I'm using it for workload protection. So, in most cases, for protecting containers, verifying Kubernetes configurations, cloud configurations, and identifying security misconfigurations, vulnerabilities, and risks.

I use it to demonstrate to customers because I'm a sales engineer. Many customers want to protect their workloads and applications. 

For example, when I am using a Docker image with multiple vulnerabilities, I need to know which vulnerabilities are inside. Then I create security policies to allow or deny the deployment of containers from this image and also create a security policy for runtime. This way, when the application is running in the wild, we can guarantee that the security blocks any kind of exploitation.

There are many features that I really like. For example, the runtime policies are very easy to configure, and they are scalable across all environments. The DTA, which stands for Dynamic Threat Analysis, allows me to analyze Docker images in a sandbox environment before deployment, helping me anticipate risks.

The user interface could be improved, especially in terms of organization and clarity. Additionally, more comprehensive examples for deployments and feature usage would be helpful.

Maybe more plugins or something that makes it easier to integrate with CICD pipelines or interact with APIs.

I've been using it for about three years. I'm using the SaaS version.

I would rate the stability an eight out of ten.

It is a scalable solution. I would rate the scalability a ten out of ten. 

The customer service and support are good. 

Positive

The initial setup was very straightforward.

For me, it's a fair price.

I would definitely recommend using the solution. It's a very scalable solution with multiple features that help us protect our cloud environment effectively.

Overall, I would rate the solution a nine out of ten. 

We use Aqua Security for securing our container applications, particularly when it comes to the runtime stage.

There are about five of us from the security side of my company who directly use this solution.

The most helpful feature of Aqua Security is Drift Prevention, which is a feature that allows images to be immutable. In addition, one of the main reasons we went with Aqua Security is because it provides strong protection when it comes to runtime security.

Aqua Security could provide more open documentation so that their learning resources can be more easily accessed and searched through online. Right now, a lot of the documentation is closed and not available to the public. I would be much happier if they chose to share more documentation and resources when it comes to their knowledge base.

As for extra features that I would like to see, source code scanning is on the top of my list. To be clear, I don't mean code scanning in terms of source code composition, but rather I would like to see more in the way of code analysis that tells you whether the code you're writing adheres to the current best practices or not.

I have been using Aqua Security for about a year now.

In terms of stability, I would give Aqua Security 4/5 stars.

I would give the scalability a 5/5 stars because it basically scales by itself. It's just the licensing that restricts your usage.

The technical support is sometimes quick and responsive, but at other times it may take a bit longer to get assistance.

Neutral

Aqua Security is one of the first solutions I have used for container security, however I have also taken a look at ACS from Red Hat, Snyk, and Prisma from Palo Alto.

We went with Aqua Security mainly because we believe they offer the strongest protection in terms of runtime security.

The setup was a little complex but not too complicated. The difficulty level lies somewhere in the middle between easy and hard.

We implemented Aqua Security mostly by ourselves, but we also took advice from a consultant. Our implementation strategy mainly involved the use of Java forms with manifest files, then we slowly deployed one component at a time.

In all, the basic deployment took just a few hours, but there is always more work to be done afterwards in terms of configuration, integrations, and properly getting started with it in our environment. It's hard to put a number on the hours required, but it probably took a few days to get everything configured and ready to be used.

Dealing with licensing costs isn't my responsibility, but I know that the licenses don't depend on the number of users, but instead are priced according to your workload.

I would rate Aqua Security a seven out of ten.

Aqua Security allows us to check for vulnerabilities in the CI/CD pipeline, so application teams can remediate issues before going into production.

Aqua Security helps us to check the vulnerability of image assurance and check for malware.

In the next release, Aqua Security should add the ability to automatically send reports to customers.

I've been using Aqua Security for between two to three years.

Aqua Security's stability is very good.

Aqua Security can be scaled up and down depending on your needs.

Aqua Security's technical support is usually quite responsive.

Positive

There were some challenges with the initial setup.

We used an in-house team.

Aqua Security is the most advanced solution in the market for container security. I would rate it as eight out of ten.

We use this solution to secure cloud media applications that are developed for containers and cloud-native services like ETS, AKS and GCP.

I am the only one using this product in our company.

The CSPM product is great at securing our cloud accounts and I really like the runtime protection for containers and functions too. This solution helps us add an extra secure layer to protect applications and the infrastructure.

The integrations on CICD could be improved. If Aqua had more plugins or container images to integrate and automate more easily on CICD, it would be better. An integration with WAF would be very good too.

I have been using this solution for two years. 

This is a stable solution that offers good performance. 

No, this is not a very scalable product. 

In general, the support for this solution is good. It could be improved if it catered for customers in different countries to meet their specific demands. 

The initial setup is a little bit complex for an on-premises deployment. We needed to have many specialized people on Kubernetes to maintain this deployment and keep it up to date. It is a little bit complex because of Kubernetes, not because of Aqua itself, but Aqua have some features to facilitate the deployment.

You need three or four people for the deployment. For a small environment, deployment would take two to three hours. For larger environments, it would take longer than that. 

This is an easy solution to maintain. The main thing is to maintain the databases.

The pricing of this solution could be improved. 

I would recommend this solution to companies have many cloud-native applications.

I would rate this solution a seven out of ten. 

The most valuable feature is the security. Our clientele cares about the speed of the integration especially if they're doing digital transformation. If you compare it to other container security Aqua is not as caught up in terms of the migration. 

We work with another Philippine company that will be providing local support, but our company has more traction with the executives of our clientele. We'd rather have the same skillset or improve our skillsets to be trained by our Aqua counterpart. We haven't done any trainings apart from a webinar. Since we are working from home, we would like to have the proper training for Aqua.

I have been using Aqua Security for two years. 

Our client has around 5,000 users. 

I'm the person who manages technical support. I have contacted the team in Singapore. They're pretty good. The person who has been helping us is very knowledgable. 

We previously used Alcide. Aqua gives us more features and is more solid in terms of security. Aqua is more of a market share leader. There is more of a technology advantage. 

The initial setup was straightforward. We spent around 12 days on the planning during our POC. Planning, testing, and mitigation took around 10-12 days.

Aqua is a bit expensive so you have to really justify going for it or not. 

The deployment should be improved. After this pandemic, half of the workforce has been working from so we need to provide our clients a solution that will have an easier deployment. 

I would rate it a seven out of ten. 

Our primary use case is to sequelize all of the ACD and to review the images. 

The most valuable features are that it's easy to use and manage.

They want to release improvements to their product to work with other servers because now there are more focused on the Kubernetes environment. They need to improve the normal servers. I would like to have more options. 

It is stable.

Scalability is pretty good. It's easy to scale. 

In my company, three or four people use this product. 

They aren't so good. They don't always follow up with the problems. Support needs improvement, they should be more proactive. They're not always as helpful as we want them to be. 

The initial setup was straightforward. The first time you deploy you, you need support but after that, it's easy to understand the documentation that they provide. After two or three times it's easy. 

It takes around one week to get all of the environments in place but to do a PoC is only two days. 

I would rate it a nine out of ten. 

My advice would be to go for it. This solution solves a lot of problems. I would recommend it. 

Aqua focuses more on Kubernetes and Docker but they don't have the option to have an environment with other servers so I would like for them to provide more options. There should be more integration with the cloud.