We changed our name from IT Central Station: Here's why

Aqua Security OverviewUNIXBusinessApplication

Aqua Security is #3 ranked solution in Container Security Solutions. PeerSpot users give Aqua Security an average rating of 10 out of 10. Aqua Security is most commonly compared to Prisma Cloud by Palo Alto Networks: Aqua Security vs Prisma Cloud by Palo Alto Networks. The top industry researching this solution are professionals from a computer software company, accounting for 29% of all views.
What is Aqua Security?

The Aqua Container Security Platform provides development-to-production lifecycle controls for securing containerized applications that run on-premises or in the cloud, on Windows or Linux, supporting multiple orchestration environments.

Buyer's Guide

Download the Container Security Buyer's Guide including reviews and more. Updated: January 2022

Aqua Security Customers

HPE

Salesforce

Telstra

Ellie Mae

Cathay Pacific

HomeAway

Aqua Security Video

Archived Aqua Security Reviews (more than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Senior Principal Consultant Cloud/DevOps/ML/Kubernetes at Opticca
Real User
Top 10
Good technical support and new releases improve usability issues

What is our primary use case?

We use Aqua Security for the container security features.

How has it helped my organization?

We use Aqua Security across the software development lifecycle.

What is most valuable?

We find the Docker and Kubernetes support for container security most valuable.

What needs improvement?

I would like Aqua Security to look into is the development of a web security portal. That is what I want them to look into next.

For how long have I used the solution?

We have been using the solution for two and a half years.

What do I think about the scalability of the solution?

We have thousands of dedicated users. They are pharmacists, healthcare providers, doctors, insurance companies, etc. They are the end users. On our staff are the administrators.

How

What is our primary use case?

We use Aqua Security for the container security features.

How has it helped my organization?

We use Aqua Security across the software development lifecycle.

What is most valuable?

We find the Docker and Kubernetes support for container security most valuable.

What needs improvement?

I would like Aqua Security to look into is the development of a web security portal. That is what I want them to look into next.

For how long have I used the solution?

We have been using the solution for two and a half years.

What do I think about the scalability of the solution?

We have thousands of dedicated users. They are pharmacists, healthcare providers, doctors, insurance companies, etc. They are the end users. On our staff are the administrators.

How are customer service and technical support?

The technical support is good. Whenever we open a ticket, the people are quite helpful about it.

How was the initial setup?

Setup was initially complex before the 3.9 version. We were on version 3.7 and it has been a challenge compared to version 3.11. Deployment was done once or twice in a week.

We are using an in-house regiment. For deployment, we are using automation.

What about the implementation team?

We used a reseller to provide quality. He's the guy who we bought the license from initially. He managed the implementation.

What other advice do I have?

I would rate this product between 7 and 8 out of 10 for container security features.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Cem Gurkok
Lead Security Engineer at a tech company with 10,001+ employees
Real User
Integrated with our existing platform, providing visibility into container image vulnerabilities and access control
Pros and Cons
  • "Aqua Security allowed us to gain visibility into the vulnerabilities that were present in the container images, that were being rolled out, the amount of risk that we were introducing to the platform, and provided us a look into the container environment by introducing access control mechanisms. In addition, when it came to runtime-level policies, we could restrict container access to resources in our environment, such as network-level or other application-level access."

    What is our primary use case?

    We used Aqua Security to address our container security concerns since we were using Docker in production. There was a clear blind spot that needed to be addressed and Aqua Security was able to fill that gap by providing visibility into the container images and the runtime aspect of our container platform.

    How has it helped my organization?

    Based on the rollout, we were able to gain pretty fast visibility into what was going on in our environment and integrate with existing automation and logging solutions we had in place. We were able to create detections and integrate as well with our existing security infra.

    Previously, we had no visibility into the inner platform that was being operated. We didn't know the vulnerabilities the container images introduced, we didn't know how they were behaving at runtime. We were not able to restrict things as far as access goes, as far as the amount of risk we wanted to take with containers. Aqua Security allowed us to gain visibility into the vulnerabilities that were present in the container images, that were being rolled out - the amount of risk that we were introducing to the platform - and provided us a look into the container environment by introducing access control mechanisms. In addition, when it came to runtime-level policies, we could restrict container access to resources in our environment, such as network-level or other application-level access.

    We were able to define policies around containers so we could enforce our rules and restrictions to provide a more secure environment.

    What is most valuable?

    The most important feature was the ability to integrate with the existing platform.

    There were two other aspects to it, the visibility that it provided to us and the enforcement. Once we were able to see what was going on in our platform, through Aqua Security's enforcement policies, we were able to define the constraints or the limits to secure the environment in a better way.

    What needs improvement?

    Since we were able to work with them closely and provide suggestions to them, and they would take action right away, we didn't have much else for them to improve on. 

    However, perhaps the network visibility side could be improved, although I think they've taken action on that, based on the latest releases. They might have already improved the process on the network visibility aspect.

    For how long have I used the solution?

    One to three years.

    What do I think about the stability of the solution?

    We didn't have any issues regarding stability. The only problem was the network monitoring side and it wasn't really a primary goal for us. We had other mechanisms to gain network visibility, so that wasn't an issue that blocked us at any point.

    What do I think about the scalability of the solution?

    We didn't have any problems with scalability. Their architecture provided the means to scale as the enterprise grew, so we were actually expanding the rollout with Aqua Security. The way they architected it, you could actually have a single command-and-control center and have multiple gateways into various environments that rolled up to the command center. That way, even if you had thousands of environments, you could just segment them up and manage them individually through a central location, rather than having a huge blob of things that wouldn't scale properly. The federated, distributed approach they provided let us scale throughout the enterprise.

    How are customer service and technical support?

    One of the great aspects of Aqua Security was their technical support. They understood the issues we were reporting and they were able to take action right away. Mostly, it was not that things that were breaking, it was more things that we needed for our environment specifically. They were able to understand and take action and get something deployed within a week, which was something we hadn't seen in a lot of vendors in quite a while.

    Which solution did I use previously and why did I switch?

    We weren't using any solution before that was providing us with visibility into our container platforms. We looked at other solutions out there and, based on various aspects, including customer service and technical support, we picked Aqua Security. The technical support and customer service aspects were what led us to pick Aqua Security over the competitors.

    How was the initial setup?

    We were able to deploy, test, and roll it out in a short amount of time. The Aqua Security team was really supportive and were able to address our unique needs right away. They were able to address certain issues that showed up as bugs in their code but they were resolved really fast. They had really great customer service.

    The setup was straightforward compared to their competitors, whose setup failed. The Aqua Security setup went smoothly and we were surprised that it actually went off without any issues. The installation instructions they had provided were straightforward and we didn't require much assistance for the initial rollout. The way they packaged it, it was straightforward to install and manage at the same time. It wasn't complex at all.

    What was our ROI?

    I'm not sure if I can place any numeric values on ROI but, considering that we went from zero security to having full visibility and the ability to create policies to enforce our requirements, I think it was a reasonable investment. Going from zero to, say, 80 to 90 percent capabilities was a good deal.

    What's my experience with pricing, setup cost, and licensing?

    When we chose it there weren't many solution providers so their pricing might have been something that smaller environments, smaller shops, might have balked at. For larger environments, it wasn't a problem because it's a choice between having no security for containers and having security.

    It was a price point that made sense to us, compared to not having a solution that would provide us with the visibility and the enforcement policy aspects, to lock things down. They were reasonable with their pricing. They were pretty down-to-earth about the way they pitched their product and the way they tried to close the deal. They were one of the rare companies that approached the whole valuation in a way that made sense for our company, for our needs, and for their own requirements as well.

    They were a good company to work with, to sum it up. Given the customer service, technical aspects, and pricing, the offer made sense to us and we went forward with them.

    Regarding licensing, they will accommodate your needs if they are able to understand them and they're stated clearly. If your needs are on the visibility side, Aqua Security will be able to accommodate that and not price the full solution. If you need the full solution, they will provide pricing accordingly. Based on the needs and the environment, they will be able to come up with a licensing structure that will accommodate whatever the requirements are.

    Which other solutions did I evaluate?

    There were only a few players in the field, two of them being more equal to each other, Aqua Security and a competitor. But at the time, the competitor's product wouldn't even install properly on our PoC systems, and when we said, "Hey, look, your product isn't installing," they just pointed us to more documentation and said we should download the latest version. So they weren't really offering any technical support or any other type of customer service resources to even resolve the initial hurdle. That was a red flag right off the bat: "Hey, look, this competitor is not willing to work with us to even gain the initial foothold."Aqua Security, on the other hand, helped us even though there was no issue. They spent a lot of time explaining how to properly roll it out, properly configure it, etc.

    What other advice do I have?

    First off, know your environment. Know your rollout. If you're in the planning stage, make sure you design things properly and, once you have that in place, once you know your own infrastructure, then talk with Aqua Security to find the best solution that works for you, whether you need visibility or whether you need enforcement capabilities.

    If you need to integrate the logs which are in your existing infrastructure, it would be quite useful to involve Aqua Security earlier so they can properly address the issues that need to be solved in the infrastructure.

    Work with them earlier in the design phase, if it's still being designed. If it's an existing infrastructure, talk to them but know your environment, for your own sake and to make things easier for Aqua Security to provide a better fitting solution so nobody's time is wasted. You can get more bang for your buck or more value out of the deal if you know your environment.

    The main reasons we chose Aqua Security were the visibility it provided into the container platform and the great customer service. Both aspects: The visibility they provided, compared to the other solutions - their technical abilities were further ahead - and the customer service aspect of it. They were able to work with us closely and address our problems in a prompt manner.

    The solution they provided, from all aspects, was great. They understood our needs, delivered solutions, and remedied any issues that we brought up in a timely manner. They surprised us on many occasions by having things delivered in a couple of days. The scalability of it and the ease of deployment made it a great solution for us.

    Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
    Find out what your peers are saying about Aqua Security, Palo Alto Networks, Sysdig and others in Container Security. Updated: January 2022.
    564,643 professionals have used our research since 2012.
    ITCS user
    Director of Engineering at a tech vendor with 51-200 employees
    Consultant
    Gives us the ability to automatically scan Docker images and know which are vulnerable
    Pros and Cons
    • "Valuable features include the ability to connect it to our Docker Hub where our images are stored, good integration with Slack, and the connection to the CV, to easily see which CVs are on each image."

      What is our primary use case?

      We're using it for the Image Vulnerability Scanning. We have an on-premise solution, so for us, vulnerability scanning is most important. Part of our platform spins up Docker containers and uses Docker internally. We're not a SaaS company, so it's not in the cloud and, therefore, it's very important for us to deploy at the customer's environment. It's very important that we deploy Docker images, that we see the vulnerabilities because we deploy in the customer's environment.

      How has it helped my organization?

      Until now, we didn't have vulnerability management for our Docker images. We tried to use Docker Hub for the vulnerability, but it wasn't suitable, and I'm not sure if it is even supported today. We needed a way to understand which images are vulnerable and which are not, and to do so automatically. Aqua gives us the ability to automatically scan those images, to schedule jobs to trigger scans, and get the vulnerabilities for the Docker images so we can track them, and understand what we need to patch and where to patch.

      It definitely saves us time. We didn't really have a way to do it before. It's basically impossible to do it manually when you have a fleet of Docker images. You have to have some third-party service for scanning.

      Aqua improved our application security. It has given us visibility into the vulnerability of those images.

      What is most valuable?

      • The ability to connect it to our Docker Hub where our images are stored
      • Good integration with Slack, which we haven't yet enabled yet, but we're going to do so in the next month; that's very important for us
      • The connection to the CVE, to easily see which CVs are on each image
      • The Tags
      • Maintenance

      Overall, it gives us good vulnerability management.

      What needs improvement?

      Something we would like to see is a better way to automatically fetch old Tags from an image. That might be something they have improved. We're not sure if they have added that feature or not yet. It's something that would be a nice-to-have.

      For how long have I used the solution?

      One to three years.

      What do I think about the stability of the solution?

      The stability is good. I do remember that we had emails about some maintenance or a failure, maybe once or twice, during the year. But they didn't really impact us because it's a job that runs for us in a scheduled manner, once a week. For our needs, the SLA is not critical because it's a scheduled job. We don't need a very high SLA.

      What do I think about the scalability of the solution?

      It works for our scale. We don't push it to extraordinary extremes, but for our scale, it has worked fine.

      How are customer service and technical support?

      Tech support is good and fast. We haven't needed tech support much, maybe two or three times a year. We used it most initially, during the setup. And we needed it to renew our license.

      Which solution did I use previously and why did I switch?

      We didn't have a previous solution. We went with Aqua because it seemed to be an enterprise company in terms of security, one of the leaders in the field, so we tried them first. It gave us the value that we needed. They made a very good impression with their knowledge of security around containers. It seemed to be a company focused on that, security first for containers, unlike Docker. That was an advantage to us.

      How was the initial setup?

      The initial setup was straightforward. Not much configuration was needed. It didn't take us a long time to set it up and we got support from them for specific questions. It was done in about half a day.

      Since ours is not a complex use case, we didn't have a particular strategy for the setup. We don't have a complex environment. We did it ourselves. It's very easy to implement.

      What was our ROI?

      As I said, manually checking vulnerability is not really feasible. We had to have some kind of solution. The ROI is clear. We could not live without it. Now we are getting back a picture of the vulnerability and we are able to fix severe security/vulnerability bugs.

      Which other solutions did I evaluate?

      I know there are some open-source solutions, and we haven't tried those, but I believe that Aqua Enterprise is superior to open-source. We looked at the Docker Hub option. It seemed like it was half-baked at the time. There is also Twistlock, but I haven't tried it out. We found what we needed with Aqua and we didn't have a need to compare it with other solutions.

      What other advice do I have?

      They gave us access to their executive team, specifically, the CTO. I had met him long ago at a Docker conference. He gave us full support and technical support. He was very technically oriented. He helped us with the setups, technically, and we're still in touch today. When I need help he is there.

      In terms of the number of users of the solution, for us, it's just the people who maintain the Docker images, two or three people: the head of DevOps and the Director of Engineering. It's just vulnerability management, we don't need many people to access the platform. Once we integrate it with Slack, we'll have visibility for all the users. But day-to-day, they don't need to access the platform, they'll just want to consume the reports. In terms of maintenance, it's very low. One person will get along fine. In our company, it is done by DevOps.

      Usage is going up automatically because we're increasing Docker images all the time, so the usage is increasing by default.

      Regarding the extent to which we are using all the capabilities of the solution, the parts which are not relevant for vulnerability scanning are not relevant for us. We haven't explored what else Aqua can do. It's not part of our scope. I'm sure other companies are using the vast amount of features it has but we only need the vulnerability management.

      I rate it at ten out of ten. For our needs, it's a complete solution.

      Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.