Aqua Security Granted Patent for Innovative Dynamic Threat Analysis (DTA) Technology
June 20 2024 - 9:30AM
Aqua Security, the pioneer in cloud native security, today
announced that it has been granted a patent (12001543) for its
Dynamic Threat Analysis (DTA) technology. This innovative
capability assesses the risks that container images pose before
they are run as containers in a live environment. With Aqua’s newly
patented technology, organizations can find and stop malicious
threats before deployment, preventing them from infecting running
applications.
Aqua DTA operates by running container images in a secure,
isolated sandbox environment combining signature-based detection
with advanced behavioral analysis. This dual approach enables DTA
to identify novel malware and zero-day attacks that static scanners
miss. It monitors behavioral patterns and Indicators of Compromise
(IoCs) such as malicious behavior and suspicious network activity
to detect container escapes, malware, cryptocurrency miners, code
injection backdoors, and other threats.
When an image scan is initiated from a container registry, Aqua
DTA analyzes the image while running it in a sandbox and provides
detailed analysis results. This process determines the potential
risk level that the image presents if allowed to run in an open,
networked environment. Based on the results, security and DevOps
teams can make an informed decision and set up a specific assurance
policy to accept or reject the image for deployment.
This capability helps prevent a wide range of attacks such as
data exfiltration, the use of containers for Distributed Denial of
Service (DDoS) attacks, cryptomining, fileless and polymorphic
malware. Aqua DTA complements "shift left" vulnerability scanning
by serving as an additional preventive control in the CI/CD
pipeline, effectively catching known and unknown threats early in
the application lifecycle before they reach production.
"As the threat landscape rapidly evolves, staying ahead of the
latest attack methods is essential. Thanks to the Aqua Nautilus
Research Team, we can achieve this,” said Amir Jerbi, co-founder
and CTO at Aqua Security. “Our team has detected an increase in
sophisticated methods to evade existing security measures and fly
under the radar, as well as a significant rise in software supply
chain attacks. Given these complex and advanced threats,
organizations must elevate their security practices beyond basic
vulnerability scanning. Securing this patent is a major milestone
for Aqua, confirming that the industry values innovative tools like
DTA to tackle the challenges of a continuously expanding threat
landscape."
Aqua Security continues to lead the way in cloud native
security. With this latest achievement, Aqua Security not only
strengthens its portfolio but also sets a new standard for security
in the cloud native space. As cyber threats become more
sophisticated, Aqua’s patented DTA technology proactively stops
threats before they reach deployment, preventing security breaches
and minimizing the potential impact of attacks. Learn more at
Aquasec.com.
About Aqua SecurityAqua Security sees and stops
attacks across the entire cloud native application lifecycle in a
single, integrated Cloud Native Application Protection Platform
(CNAPP). From software supply chain security for developers to
cloud security and runtime protection for security teams, Aqua
helps customers reduce risk while building the future of their
businesses. Founded in 2015, Aqua is headquartered in Boston, MA
and Ramat Gan, IL protecting over 500 of the world’s largest
enterprises. For more information,
visit https://www.aquasec.com.
Contact:media@aquasec.com