Aqua CNAPP

Aqua Security is the pioneer and largest pure-play cloud-native security company, founded in 2015 by Dror Davidoff and Amir Jerbi with headquarters in Boston, MA and Ramat Gan, Israel. The Aqua Platform provides comprehensive Cloud Native Application Protection Platform (CNAPP) capabilities securing the entire application lifecycle from development to production with full prevention, detection, and response automation. Aqua protects over 40% of the Fortune 100 and 500+ large enterprise customers across financial services, government, retail, manufacturing, and media sectors, having raised $325 million in funding with a $1 billion valuation and achieving $89.9 million in revenue in 2024.

The platform delivers extensive container image scanning with vulnerability assessment, Kubernetes Security Posture Management (KSPM) for cluster configuration auditing, and runtime protection with behavioral profiling to detect anomalous activity, featuring unique Dynamic Threat Analysis (DTA) that sandboxes suspicious container images to identify advanced malware and behavioral anomalies before deployment. Aqua includes vShield technology that virtually patches unfixable vulnerabilities at runtime without modifying container images, network segmentation with microsegmentation policies, secrets management, CI/CD pipeline integration for shift-left security, and admission control to prevent deployment of non-compliant images across AWS, Azure, GCP, and on-premises environments supporting both Linux and Windows containers.

Aqua maintains Trivy, the world's most popular open-source vulnerability scanner with over 27,000 GitHub stars, 100+ million annual downloads, and millions of active monthly users, adopted by leading platforms including GitLab, Artifact Hub, and Harbor. The company holds ISO 27001:2022, ISO 27017 (cloud security), ISO 27018 (privacy protection), and ISO 27701 certifications, undergoes annual SOC 2 Type II audits, and participates in CSA STAR Level 1, and was recognized as Best Vulnerability Scanner in the 2025 Cloud Security Awards, demonstrating comprehensive compliance for highly regulated industries.