top of page

News & Views

Aqua Security unveils powerful CNDR

A new Cloud Native Detection and Response (CNDR) from Aqua Security’s ( cyber research team, Nautilus, is an industry-first in the detection and response for zero-day attacks in cloud native environments.

CNDR uses a growing body of more than 80 behavioural indicators to identify zero-day attacks from low level eBPF events, which are surfaced by the open source project Tracee.  The new detection capabilities, combined with Aqua’s unique runtime security controls making Aqua the only vendor that can both detect and granularly prevent malicious activity from spreading without disrupting the production environment.

“The cloud native threat landscape is constantly evolving.  Adversaries are advancing their techniques to craft more sophisticated and targeted attacks at a rate faster than enterprises can track, which makes the cloud native cyber research performed by Team Nautilus so important,” says Amir Jerbi, co-founder and CTO, Aqua Security.  “By incorporating the output of this research and intelligence with industry leading detection capabilities and surgical runtime policies, Aqua delivers the industry’s most comprehensive protection for cloud native environments.”

CNDR leverages continually updated, runtime behavioural indicators that are based on thousands of real-world attacks observed in the wild on cloud native environments, including Linux, Containers, Serverless and Kubernetes workloads.  In addition to behavioural indicators, Aqua’s threat intelligence includes IP and DNS reputation intel and a malware database, giving CNDR and Aqua’s customers access to the most complete threat intelligence feed for Cloud Native Application security.

The addition of CNDR is a significant milestone in the industry and for Aqua Security, which already offers the most unified and integrated Cloud Native Application Protection Platform (CNAPP) on the market.  While a small number of solutions leverage eBPF for observability and monitoring, they lack a broad set of continuously updated behavioural intelligence specific to novel attacks in cloud native environments.  Aqua goes beyond mere detection to stop the detected attacks using its granular, highly focused runtime controls.

“It is absolutely critical for application development and Security teams to keep the business and production environment running while at the same time maintaining an effective security posture,” says Ehud Amiri, VP Product Management, Aqua Security.  “This is impossible if runtime controls are binary – letting the container run with security issues or kill the container. That is why we focus on the most granular, least intrusive enforcement capabilities available, so the business can continue running securely.”

For a demo of CNDR see
bottom of page