Aqua Security

Last updated
Aqua Security
Company typePrivate
IndustryCybersecurity
Founded2015
FoundersDror Davidoff, Amir Jerbi
Headquarters Ramat Gan, Israel
Area served
Worldwide
Key people
  • Dror Davidoff (CEO) [1] [2]
  • Amir Jerbi (CTO) [3]
Website aquasec.com

Aqua Security is an Israeli cloud-native application protection company, founded in 2015. [4] [5] In 2021, Aqua Security reached a $1B valuation. [6] [7] [8] It is home to the research team, Aqua Nautilus, focused on cybersecurity research of the cloud native ecosystem. [9] [10] [11] [12] [13] [14] [15] [16] [17] [18] [19]

Contents

History

Aqua Security was founded in Ramat Gan, Israel in 2015 by Dror Davidoff, who serves as the CEO and Amir Jerbi, CTO. [1] [20] [21] The company initially focused on container workload protection and added serverless and VMs in 2017 to achieve comprehensive Cloud Workload Protection Platform (CWPP) capabilities. [22]

In September 2016, the company raised $9 million in Series A funding led by Microsoft Ventures. Previous investors TLV Partners and Shlomo Kramer also participated in the round, bringing Aqua's total investment to date to $13.5 million. [23] It was followed by a $25 million series B funding in 2017. [24] [25] In the spring of 2017 the company opened its Boston office. [26]

Aqua Security raised $62 million in 2019 in funding led by Insight Partners, with participation from Lightspeed Venture Partners, M12 (Microsoft's venture fund), TLV Partners, and Shlomo Kramer. [24] [27]

Aqua raised $30 million in a series D round closed in May 2020. [4] In March 2021 Aqua raised $135 million in series E funding, led by ION Crossover Partners at a $1 billion valuation. [6] [28]

In June 2022 Aqua Security and the Center for Internet Security (CIS) released the first formal guidelines for software supply chain security. CIS Software Supply Chain Security Guide provides enterprises with foundational recommendations for securing the software supply chain against threat actors. [29]

In January 2024, the company raised $60 million, extending its Series E round of funding to $195 million. [30]

The company's global headquarters is located in Ramat Gan, Israel, with US headquarters in Boston, Massachusetts, and R&D Center in Hyderabad, India. [31] [32]

Acquisitions

In 2019 Aqua Security acquired CloudSploit, a cloud security posture management company, which tracks and enforces practices on the security of user and service accounts on public cloud platforms such as GitHub, AWS and Microsoft Azure. [33] [34] The company acquired Argon, a startup with capabilities for securing the software supply chain in December 2021. [35] The same year, Aqua acquired tfsec, an open-source security scanner for Infrastructure as Code (IaC). The acquisition brought integration of tfsec into Aqua Trivy, adding IaC security scanning capabilities. Tfsec's co-founders also joined Aqua following the acquisition. [36] [37]

Open source products

Aqua Security has an open-source development team responsible for several open-source tools, including Trivy [38] and Tracee. [39] Trivy Vulnerability Scanner was acquired by Aqua open source team in 2019. Teppei Fukuda, the developer behind Trivy, joined the Aqua Security team after the acquisition. Other tools include Kube-bench, Kube-hunter, and chain-bench. [40] [41]

Literature

Related Research Articles

Heroku is a cloud platform as a service (PaaS) supporting several programming languages. As one of the first cloud platforms, Heroku has been in development since June 2007, when it supported only the Ruby programming language, but now also supports Java, Node.js, Scala, Clojure, Python, PHP, and Go. For this reason, Heroku is said to be a polyglot platform as it has features for a developer to build, run and scale applications in a similar manner across most of these languages. Heroku was acquired by Salesforce in 2010 for $212 million.

<span class="mw-page-title-main">CyberArk</span> Israeli software company

CyberArk Software Ltd. is an Israeli publicly traded information security company offering identity management. The company's technology is utilized primarily in the financial services, energy, retail, healthcare and government markets. CyberArk is headquartered in Petach-Tikva. The company also has offices throughout the Americas, EMEA, Asia Pacific and Japan.

<span class="mw-page-title-main">NuoDB</span>

NuoDB is a cloud-native distributed SQL database company based in Cambridge, Massachusetts. Founded in 2008 and incorporated in 2010, NuoDB technology has been used by Dassault Systèmes, as well as FinTech and financial industry entities including UAE Exchange, Temenos, and Santander Bank.

CloudBees is an enterprise software delivery company. Sacha Labourey and Francois Dechery co-founded the company in early 2010, and investors include Matrix Partners, Lightspeed Venture Partners, HSBC, Verizon Ventures, Golub Capital, Goldman Sachs, Morgan Stanley, and Bridgepoint Group.

<span class="mw-page-title-main">DigitalOcean</span> American cloud infrastructure provider

DigitalOcean Holdings, Inc. is an American multinational technology company and cloud service provider. The company is headquartered in New York City, New York, US, with 15 globally distributed data centers. DigitalOcean provides developers, startups, and SMBs with cloud infrastructure-as-a-service platforms.

GitLab Inc. is an open-core company that operates GitLab, a DevOps software package that can develop, secure, and operate software. GitLab includes a distributed version control based on Git, including features such as access control, bug tracking, software feature requests, task management, and wikis for every project, as well as snippets.

Wercker is a Docker-based continuous delivery platform that helps software developers build and deploy their applications and microservices. Using its command-line interface, developers can create Docker containers on their desktop, automate their build and deploy processes, testing them on their desktop, and then deploy them to various cloud platforms, ranging from Heroku to AWS and Rackspace. The command-line interface to Wercker has been open-sourced.

Docker, Inc. is an American technology company that develops productivity tools built around Docker, which automates the deployment of code inside software containers. Major commercial products of the company are Docker Hub, a central repository of containers, and Docker Desktop, a GUI application for Windows and Mac to manage containers. The historic offering was Docker Enterprise PaaS business, acquired by Mirantis. The company is also an active contributor to various CNCF projects, such as containerd and runC. The main open source offering of the company are Docker Engine and buildkit which are rebranded under the Moby umbrella project. The core specification, Dockerfile, still includes the company trademark, however.

<span class="mw-page-title-main">CircleCI</span> American software company

CircleCI is a continuous integration (CI) and continuous delivery (CD) platform that can be used to implement DevOps practices. The company was founded in September 2011 and has raised $315 million in venture capital funding as of 2021, at a valuation of $1.7 billion. CircleCI is one of the world's most popular CI/CD platforms. Facebook, Coinbase, Sony, Kickstarter, GoPro, and Spotify used CircleCI in 2019.

YL Ventures is an American-Israeli venture capital firm that specializes in seed stage cybersecurity investments.

<span class="mw-page-title-main">Open Source Security Foundation</span> Industry forum on software security

The Open Source Security Foundation (OpenSSF) is a cross-industry forum for collaborative improvement of open-source software security. Part of the Linux Foundation, the OpenSSF works on various technical and educational initiatives to improve the security of the open-source software ecosystem.

Zscaler, Inc. is an American cloud security company, with headquarters in San Jose, California. The company offers cloud-based services to protect enterprise networks and data.

Checkmarx is an enterprise application security company headquartered in Atlanta, Georgia in the United States.

Tenable, Inc. is a cybersecurity company based in Columbia, Maryland. Its vulnerability scanner software Nessus, developed in 1998, is one of the most widely deployed vulnerability assessment solutions in the cybersecurity industry. As of December 31, 2023, the company had approximately 44,000 customers, including 65% of the Fortune 500.

Semgrep, Inc. is a cybersecurity company based in San Francisco. The company develops the Semgrep AppSec Platform and actively maintains the open-source static code analysis tool semgrep OSS.

Snyk is a developer-oriented cybersecurity company, specializing in securing custom developed code, open-source dependencies and cloud infrastructure. It was founded in 2015 out of London and Tel Aviv and is headquartered in Boston.

<span class="mw-page-title-main">Wiz (company)</span> Cloud computing security startup

Wiz, Inc. is a cloud security startup headquartered in New York City. The company was founded in January 2020 by Assaf Rappaport, Yinon Costica, Roy Reznik, and Ami Luttwak, all of whom previously founded Adallom. Rappaport is CEO, Costica is VP of Product, Reznik is VP of Engineering, and Luttwak is CTO. The company's platform analyzes computing infrastructure hosted in Amazon Web Services, Microsoft Azure, Google Cloud Platform, Oracle Cloud Infrastructure, and Kubernetes for combinations of risk factors that could allow malicious actors to gain control of cloud resources and/or exfiltrate valuable data.

Immuta Inc. is an American data security platform and software company. The company provides a cloud-native data governance platform to businesses, governmental agencies, and healthcare organizations.

Cribl.io is an American company developing a data platform for information technology and security operations teams. Their core function revolves around simplifying and managing the massive amount of data generated by various software systems within an organization. Founded in 2018 by Clint Sharp, Ledion Bitincka, and Dritan Bitincka, the company is headquartered in San Francisco, California. Its mascot is a goat named Ian. In October 2022, Splunk filed a lawsuit against Cribl, alleging that the company based its business on stolen intellectual property.

Buildkite is a continuous integration (CI) and continuous delivery (CD) platform used in DevOps and company was founded in September 2013. Companies using Buildkite include Wayfair, Shopify, Slack, Twilo, Canva, Pinterest, Envato, MYOB and Lyft.

References

  1. 1 2 Alspach, Kyle (2022-01-21). "'Mass demand' is building for cloud-native security, Aqua CEO says". VentureBeat . Retrieved 2024-07-18.
  2. "Amir Jerbi, Aqua Security Software Ltd: Profile and Biography". Bloomberg.com. Retrieved 2024-07-18.
  3. "Dror Davidoff, Aqua Security Software Ltd: Profile and Biography". Bloomberg.com. Retrieved 2024-07-18.
  4. 1 2 Elder, Jeff; Vedantam, Keerthi. "Developer security is booming as hack-prevention starts earlier than ever: Here are the 25 startups you need to know in this red-hot space". Business Insider . Retrieved 2024-07-18.
  5. "Aqua Security raises $60m at over $1b valuation". Globes . 2024-03-01. Retrieved 2024-07-18.
  6. 1 2 Lardinois, Frederic (2021-03-10). "Aqua Security raises $135M at a $1B valuation for its cloud native security platform". TechCrunch . Retrieved 2024-07-18.
  7. Alspach, Kyle (2022-03-17). "Cybersecurity has 53 unicorns. Here are 10 to watch". VentureBeat . Retrieved 2024-07-18.
  8. Joyner, April; Bort, Julie. "Over 340 US startups became unicorns in a record-breaking 2021. Here's the full list and their investors". Business Insider . Retrieved 2024-07-18.
  9. Lyons, Jessica (16 August 2023). "PowerShell? More like PowerHell: Microsoft won't fix flaws in package gallery ripe for supply chain attacks". The Register . Retrieved 2024-07-18.
  10. Lyons, Jessica (4 February 2023). "HeadCrab bots pinch 1,000+ Redis servers to mine coins". The Register . Retrieved 2024-07-18.
  11. "Aqua Security: 97% unaware of crucial cloud native security principles". VentureBeat . 2021-07-31. Retrieved 2024-07-18.
  12. Spadafora, Anthony (2020-09-14). "Most cloud cyberattacks just want to mine cryptocurrency". TechRadar . Retrieved 2024-07-18.
  13. Vaughan-Nichols, Steven J. (2023-08-09). "Aqua Security Uncovers Major Kubernetes Attacks". The New Stack. Retrieved 2024-07-18.
  14. Arghire, Ionut (June 27, 2024). "'Phantom' Source Code Secrets Haunt Major Organizations". SecurityWeek. Retrieved 2024-07-18.
  15. Bradley, Tony. "Aqua Security Reveals Crucial Insights On Kinsing Malware". Forbes. Retrieved 2024-07-18.
  16. "Kinsing malware still on the rise". 2024-06-06. Retrieved 2024-07-18.
  17. "Ubuntu 'command-not-found' tool can be abused to spread malware". BleepingComputer. Retrieved 2024-07-18.
  18. "Millions of GitHub repositories vulnerable to RepoJacking: Report". CSO Online. Retrieved 2024-07-18.
  19. "Memory-based attacks increase as attackers dodge cloud defenses". BetaNews. 2023-07-03. Retrieved 2024-07-18.
  20. Wiggers, Kyle (2021-03-10). "Aqua Security protects containerized apps and infrastructure, raises $135M". VentureBeat . Retrieved 2024-07-18.
  21. Janofsky, Adam (May 6, 2019). "Container Technology Brings Security Surprises". WSJ . Retrieved July 17, 2024.
  22. Alspach, Kyle (2021-11-23). "Why an emerging cloud security trend offers 'good news' to businesses". VentureBeat . Retrieved 2024-07-18.
  23. Zakrzewski, Cat (September 27, 2016). "Aqua Security Raises $9 Million". WSJ . Retrieved July 17, 2024.
  24. 1 2 Wiggers, Kyle (2019-04-03). "Aqua Security raises $62 million for containerized computing tools". VentureBeat . Retrieved 2024-07-18.
  25. "The Latest App Coding Trend Is a Hacker's Dream". Bloomberg.com. 2017-07-18. Retrieved 2024-07-18.
  26. "Israeli tech unicorn Aqua Security raises $60M for its cloud-based cybersecurity approach — TFN". Tech Funding News. 2024-01-04. Retrieved 2024-07-18.
  27. Miller, Ron (2019-04-03). "Container security startup Aqua lands $62M Series C". TechCrunch . Retrieved 2024-07-18.
  28. Holmes, Aaron. "Investors sunk billions into these 14 cybersecurity startups as the pandemic and massive hacks like SolarWinds made the industry more vital than ever". Business Insider. Retrieved 2024-07-18.
  29. Keary, Tim (2022-06-22). "Aqua Security and CIS release first formal guidelines for software supply chain security". VentureBeat. Retrieved 2024-07-18.
  30. Sawers, Paul (2024-01-03). "Cloud-native cybersecurity startup Aqua Security raises $60M and remains a unicorn". TechCrunch. Retrieved 2024-07-18.
  31. "Aqua Security Software Ltd - Company Profile and News". Bloomberg.com. Retrieved 2024-07-18.
  32. "Aqua Security announces $135 million series E funding, to double Hyderabad R&D centre headcount". The Times of India. 2021-03-11. ISSN   0971-8257 . Retrieved 2024-07-18.
  33. Alspach, Kyle (2021-11-23). "Why an emerging cloud security trend offers 'good news' to businesses". VentureBeat. Retrieved 2024-07-18.
  34. "Aqua Security buys CloudSploit, expands into cloud security | TechTarget". IT Operations. Retrieved 2024-07-18.
  35. Alspach, Kyle (2021-12-01). "Aqua Security acquires Argon to protect the software supply chain". VentureBeat. Retrieved 2024-07-18.
  36. Vizard, Mike (2021-07-12). "Aqua Security Acquires tfsec to Advance DevSecOps". DevOps.com. Retrieved 2024-07-18.
  37. "Aqua Security buys open-source 'infrastructure as code' scanning tool tfsec". SiliconANGLE. 2021-07-12. Retrieved 2024-07-18.
  38. Aqua Security Trivy, GitHub, 2024-07-18, retrieved 2024-07-18
  39. Aqua Security Tracee, GitHub, 2024-07-18, retrieved 2024-07-18
  40. Zorz, Mirko (2023-11-08). "Aqua Trivy open-source security scanner now finds Kubernetes security risks". Help Net Security. Retrieved 2024-07-18.
  41. "8 vulnerability management tools to consider in 2023 | TechTarget". Security. Retrieved 2024-07-18.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.