I have been testing various solutions to ensure which one is the best fit to protect data, applications, and infrastructure in cloud environments. We are distributors in Turkey, focusing on promoting cost-effective security solutions in the market. When engaging with enterprise clients, particularly in the financial sector such as banks, I emphasize the importance of robust security measures. During customer visits, they express a keen interest in technical support and want demonstrations of software source code management, security support for software chains, and workflow protection.
Aqua Cloud Native Application Protection Platform
Aqua Security Software Inc.External reviews
58 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Director of Infrastructure Engineering
What do you like best about the product?
Ease of use and wide range of feature availability. It supports Windows containers.
What do you dislike about the product?
Nothing we've encountered yet has been an issue.
What problems is the product solving and how is that benefiting you?
Provides container security in our:
Container build pipelines
Container registry
Runtime environments
Container build pipelines
Container registry
Runtime environments
high quality product and good customer service
What do you like best about the product?
Provide accurate visibility of application software. Very low false positive rate. Detection and actionable follow up instruction.
What do you dislike about the product?
area can be improved is the integration with third party tool, such as service now, jira ...
What problems is the product solving and how is that benefiting you?
gain visibilty of seurity risk associated with our application development process. helped us to quickly identify critial vulnerabilies and provide actionable follow up for our developers to address the issues.
A robust and cost-effective solution, excelling in scalability, on-premises support, and responsive technical support, making it well-suited for enterprises navigating stringent regulatory environment
What is our primary use case?
What is most valuable?
The most crucial aspect is runtime protection, specifically image scanning before preproduction and deployment. Customers find it invaluable to have the ability to check for vulnerabilities in an image before deployment, similar to a sandbox environment. This feature ensures that customers can identify any potential issues with the image, such as misconfigurations or vulnerabilities, before integrating it into their workloads and infrastructure. In their source pipeline, companies can identify issues before deploying changes. This is crucial because customers prefer resolving any problems or misconfigurations before the deployment process. Software change security, including GSPM Cloud, is a key feature customers seek in their infrastructure.
What needs improvement?
There's room for improvement, particularly in management capabilities as it may not be comprehensive enough for all customers, and it has been lacking in the realm of cloud security posture management. Another challenge lies in the difficulty and complexity of the installation process. Deploying core components is not straightforward; it poses challenges that need to be addressed.
For how long have I used the solution?
I have been using it for eight months.
What do I think about the stability of the solution?
I would rate its stability capabilities seven out of ten. Upon opening the dashboards and navigating to VM, there are instances where I can't see the information.
What do I think about the scalability of the solution?
It excels in scalability, and it stands out as a particularly flexible and complex solution. This flexibility contributes to its superior scalability compared to other solutions like Prisma Cloud, which is notably less scalable. I would rate it eight out of ten.
How are customer service and support?
The technical support is highly responsive and exceptionally helpful. When I report an issue, they address it promptly and efficiently. I would rate it ten out of ten.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup is complex.
What about the implementation team?
The deployment time is quite lengthy. For instance, if you're integrating into the supply chain, the process demands more time, potentially spanning several days. Installing components like source code management and workflow protection is particularly challenging. This difficulty is intertwined with the infrastructure, determining how many workloads can be accommodated. In a smaller environment, installation might be feasible, say, between two to three hosts. However, challenges persist, such as the inability to install GitHub due to the absence of a connector. Despite efforts, connecting with other platforms like Scenic proves troublesome, unlike the seamless connection experience with NetApp.
What's my experience with pricing, setup cost, and licensing?
It comes at a reasonable cost. When compared to Prisma Cloud, it is more budget-friendly.
What other advice do I have?
This is an excellent solution, particularly for countries with stringent regulations like Turkey, Vietnam, and Russia. In these regions, high-level enterprise customers, driven by regulatory constraints, often refrain from using cloud accounts such as AWS and Google Cloud. Aqua provides a fulfilling on-premises solution, which is highly valuable. Overall, I would rate it nine out of ten.
Covers a lot!
What do you like best about the product?
The amount of content Aqua covers within Cloud is extremely impressive. It's a hugely powerful tool compared to it's competitors.
Support contacts are readily available.
Easy to deploy using Helm and APIs.
Support contacts are readily available.
Easy to deploy using Helm and APIs.
What do you dislike about the product?
There's multiple ways to do the same thing, making it complicated to use.
What problems is the product solving and how is that benefiting you?
Identifiying risks and security threats within our cloud platforms.
Effective insight to container security posture
What do you like best about the product?
Aqua provides the ability to isolate specific areas when dealing with the overwhelming nature of managing containers and their security footprint. Specific areas that are broken down from images, infrastructure, network, runtime protection etc. allows for taking each section and narrowing it down to actionable items which can be addressed making it less overwhelming.
What do you dislike about the product?
An opportunity of improvement would be to be able to trigger based on container layers and any security vulnerabilities that exists withing that layer would help further drill down specific issues that may be present in that level. Better integration with GitLab CICD would be helpful as well.
Another feature that would be helpfu would be to be able to drill down from the Widgets. As of now, the widget only allows read-only visuals.
Another feature that would be helpfu would be to be able to drill down from the Widgets. As of now, the widget only allows read-only visuals.
What problems is the product solving and how is that benefiting you?
Ability to have compliance based benchmarking using industry standards such as CIS. Managing threat landscape with the applications deployed to the cloud. Ability to isolate and map network traffic for container interaction to external entities.
VERY solid product which provided top roi
What do you like best about the product?
Able to identify our app sec weakness, we were able to mange all vulnerabilities and code weakness by using aqua to find and understand what each dev team needs
What do you dislike about the product?
I didn't find anything that's we didn't like. Cost was many a factory that would fit in the category . A part from that it's a very good product. Cost was one is the issue
What problems is the product solving and how is that benefiting you?
Cloud assessment and monitoring cloud weakness, mis configurations and identify cloud infrastructure admins miss configurations. Anylatics was
Starting to use the solution
What do you like best about the product?
Easy to navigate , very user friendly easy to operate.
What do you dislike about the product?
Don't have any yet, still working on report customization
What problems is the product solving and how is that benefiting you?
Visibility that helps us determine what needs to be remediated in order to meet security and compliance objectives.
Solid product
What do you like best about the product?
Aqua security has the most helpful security research we've used. Solid articles, and functionality to match to help with the changing landscape.
What do you dislike about the product?
We have had some issues connecting into some of our Azure Spaces. So we are missing value from some features they offer.
What problems is the product solving and how is that benefiting you?
Comprehensive policies and controls for runtime and cicd process.
Provides workload protection and helps identify security misconfigurations, vulnerabilities, and risks
What is our primary use case?
I'm using it for workload protection. So, in most cases, for protecting containers, verifying Kubernetes configurations, cloud configurations, and identifying security misconfigurations, vulnerabilities, and risks.
How has it helped my organization?
I use it to demonstrate to customers because I'm a sales engineer. Many customers want to protect their workloads and applications.
For example, when I am using a Docker image with multiple vulnerabilities, I need to know which vulnerabilities are inside. Then I create security policies to allow or deny the deployment of containers from this image and also create a security policy for runtime. This way, when the application is running in the wild, we can guarantee that the security blocks any kind of exploitation.
What is most valuable?
There are many features that I really like. For example, the runtime policies are very easy to configure, and they are scalable across all environments. The DTA, which stands for Dynamic Threat Analysis, allows me to analyze Docker images in a sandbox environment before deployment, helping me anticipate risks.
What needs improvement?
The user interface could be improved, especially in terms of organization and clarity. Additionally, more comprehensive examples for deployments and feature usage would be helpful.
Maybe more plugins or something that makes it easier to integrate with CICD pipelines or interact with APIs.
For how long have I used the solution?
I've been using it for about three years. I'm using the SaaS version.
What do I think about the stability of the solution?
I would rate the stability an eight out of ten.
What do I think about the scalability of the solution?
It is a scalable solution. I would rate the scalability a ten out of ten.
How are customer service and support?
The customer service and support are good.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup was very straightforward.
What's my experience with pricing, setup cost, and licensing?
For me, it's a fair price.
What other advice do I have?
I would definitely recommend using the solution. It's a very scalable solution with multiple features that help us protect our cloud environment effectively.
Overall, I would rate the solution a nine out of ten.
AquaSec is intuitive, ideal security tool in the industry
What do you like best about the product?
We recently integrated Aquasec with our client in Azure DevOps for supply chain security, IAC scanning, and Workload protection to identify and resolve the identified vulnerabilities. I liked the tool for its intuitiveness. everything is detailed in the portal with an explanation.
What do you dislike about the product?
I think it would be ideal for someone to procure the tool and deploy it in the easiest way possible. Probably provide an end-end workflow suggesting to the customer that fits their use case instead of identifying what they want. Let the customer know this is the best way to do it.
What problems is the product solving and how is that benefiting you?
We helped our client assess Aqua Security's capabilities in the different security areas for their requirements. They recently procured the tool, and we integrated it with their Azure DevOps for performing SCA, SAST and IAC scanning. It is helping to identify the vulnerabilities and strengthen the shift left security approach. This integration is helping them identify vulnerabilities early in the development cycle, enabling faster remediation and reducing the potential impact of security incidents in their production environments.
showing 11 - 20