Microsoft-backed Aqua Security launches in the UK

Aqua Security looks to take lion's share of emerging container security space

Microsoft-funded vendor Aqua Security has launched in the UK and is scouting for UK partners as it looks to gain a foothold in Europe.

Aqua is focused solely on the security of virtual containers, an area CEO Dror Davidoff told CRN is not being addressed by the big security players.

What they do

While virtual machines (VM) run full virtualised operating systems, containers run only the settings and libraries required for an application to run, making it faster and more efficient.

Davidoff said the use of containers has increased drastically over the past two years, adding that over the next five to seven years he expects the technology to have completely displaced VMs.

"This new technology brings a lot of advantages to the organisation," he said. "Cost effectiveness, usability, utilisation of

resources, scalability - a long set of advantages - so we see a very rapid transition into this infrastructure.

"Because it's early-stage technology there are a lot of missing components - the management, the networking and of course security. There are a lot of risks and that is exactly where Aqua steps into the game and gives an end-to-end solution that allows large enterprises to adopt the technology but mitigate the risks that come with it."

Davidoff explained that while the giants in the security space are dabbling in container security, none of them are providing a solution capable of providing complete protection.

"Some of the larger security companies claim to have something that will help secure the container space, but from what we've seen they provide a very partial and incomplete solution," he said.

"Security companies have extended their solution to say 'we can also do this for virtual containers', but the difference with Aqua is that we are focused on it completely and secure the complete life cycle.

"Also, some of the vendors on the infrastructure side claim that they can solve the problem - VMware or Docker might say that they have part of the solution - but again it's only partial and incomplete. We try to work with them in co-operation, not compete with them."

Microsoft backing

Aqua was founded in 2015 by Davidoff, who previously worked for McAfee, and Amir Jerbi who was previously chief architect at CA Technologies.

The Tel Aviv-based vendor raised $4m (£3.1m) of funding in October 2015 and its profile was raised further in 2016 when Microsoft led a $9m funding round through Microsoft Ventures.

At the time, Microsoft Ventures' managing director Mony Hassid said: "Containers are revolutionising application development and delivery, driving new levels of innovation and developer agility.

"Aqua's comprehensive security platform for containers enables enterprises to accelerate adoption on both private and public clouds. We are delighted to support Aqua's journey to success in this fast-growing market."

Shlomo Kramer, founder of Check Point and Cato Networks, is also a board member, having invested in the first funding round.

UK channel

Aqua currently has two US offices alongside its Israeli headquarters, but Davidoff said a European HQ in London is set to open in the summer, as he plots the vendor's European expansion.

The vendor launched in the UK earlier this year with distributor Securicom and is currently in advanced talks with four UK resellers.

Davidoff said he is targeting resellers familiar with virtualisation and the cloud, but also traditional security partners, adding that the ideal partner would be experienced in both.

"So far it's difficult to find those resellers that have expertise in both areas because traditionally those two areas are very distinct and very segregated from one another.

"We're looking for those that have expertise in both - this is a big trend in the market. There is a new job description in very high demand called 'dev sec ops' - a combination of dev ops and the security team.

"They are in very high demand and there are very few people who have their operational experience in both sides - the same analogy, when I think about resellers, is having that experience in the cloud but also in security."

Sam Murdoch, director at Aqua distributor Securicom, said he sought a container security vendor to add to the distributor's portfolio after being surprised at the demand from partners and customers.

"When we started getting into end users, Docker and containers kept coming up," he said. "People were saying they're great for deploying applications but the security risk is tenfold because you have 10,000 images spinning up at any one time, whereas if you have one application server with one application on it there is Palo Alto, or VMware [for security].

"We did initially think it would take longer to engage with customers and resellers because finding out whether a customer has Docker is quite difficult - they don't know themselves - unless you go and stand with their development team.

"However, from our own knowledge and from Aqua's there is a huge amount of Docker use in the UK and those deployments are trying to be secured by open-source software, which has caused problems."