Aqua Security Raises USD 60M, Hits USD 1B Valuation for Cloud Security

Highlights:

• Aqua Security claims that releasing the code into a company’s production cloud environment can help fend off hacker efforts.
• Aqua Security claims that its platform can check for known vulnerabilities in any open-source component that developers install on behalf of a corporation.

Aqua Security Inc., a firm that assists businesses in safeguarding their cloud workloads against harmful and susceptible code, revealed that it has successfully raised USD 60 million in funding.

Evolution Equity Partners headed the investment. StepStone Group, Lightspeed Venture Partners, and Insight Partners joined the round. The USD 135 million Series E round Aqua Security closed in 2021 was extended with this financial inflow, valuing the company over one billion dollars.

Based in Boston, Aqua Security offers a cloud-native application protection platform (CNAPP) with the same name. Before deploying new code its developers write, organizations can use the platform to check it for cybersecurity concerns. Furthermore, Aqua Security claims that releasing the code into a company’s production cloud environment can help fend off hacker’s efforts.

Dror Davidoff, Chief Executive Officer and Security Co-founder of Aqua, said, “Eight years ago, we envisioned a world where all new applications would be built native to the cloud. Today, we are here in a market we pioneered with a purpose-built solution to protect customers’ digital transformations.”

Most enterprise apps combine several open-source components. Aqua Security claims that its platform can check for known vulnerabilities in any open-source component that developers install on behalf of a corporation. The software also identifies other problems, like licensing limitations and poor coding, that could make it more difficult to maintain applications.

According to Aqua Security, its technology can identify vulnerabilities in the development toolkits and application teams’ code. It finds vulnerable configuration options in Jenkins, GitHub, and other well-known development tools. For each problem it finds, it also offers remediation recommendations to expedite the troubleshooting process.

The organization’s platform records any modification made by developers to a code repository, assisting businesses in ensuring internal cybersecurity guidelines are being followed. A developer has the option to encrypt a new code snippet before adding it to the repository. This particular piece of information facilitates the process of looking for signs of manipulation.

Aqua Security can also identify applications with cybersecurity problems after development. The business claims that its technology automatically looks for indications of fraudulent behavior in its clients’ cloud workloads. It searches for signs of a breach, as when an application manages to go around the software container it’s executing to access the underlying operating system.

Software teams use scripts known as infrastructure-as-code, or IaC, to control the cloud infrastructure that hosts their apps. Those scripts automate typical administrative operations like installing OS systems and spinning up new virtual machines. The platform from Aqua Security checks IaC files for configuration errors that could make cyberattacks more likely.

The business has experienced fast expansion and announced a fresh investment round. Aqua Security revealed in September that during the first half of 2023, it saw a 65% growth in new business. According to the company, more than 500 clients use its platform, including major corporations like Apple Inc. and JPMorgan Chase and Co.