Several legacy vendors claimed to have updated products to support cloud-native implementations . As Vinicius Ferreira , PPRO ’ s Security Engineering Manager at PPRO , said : “ Our team found that since they were not architected from the ground up to work with cloud-native applications , they lacked the necessary flexibility to support containerised workloads in a dynamic and elastic cloud environment . Adding to the challenge were pricing models that didn ’ t match well with PPRO ’ s dynamic environment .”

PPRO initially rolled out the Aqua solution on a custom-hosted instance , before Aqua ’ s release of a full software-as-a-service ( SaaS ) version . That early experience led the company to be an early adopter of the SaaS release , as it reduced the resources needed for updates .

built on Kubernetes , mostly running on AWS but with some applications on Microsoft Azure and Google Cloud Platform . The Continuous Integration and Continuous Delivery CI / CD pipeline is centred around the Kubernetes-native continuous deployment tools Argo CD and Gitlab , with images stored in Amazon ECR .

to build , support and maintain it – the team chose to go with a commercial solution from Aqua Security .

The connection : Bridging the gap between developers , operations and security slashes remediation time

In an environment as complex as PPRO ’ s , there are always going to be thousands of vulnerabilities discovered at various stages from development through rollout to production . For most organisations , getting to a state of zero vulnerabilities is simply not realistic . Ferreira added : “ The challenge is to understand which ones represent real risk ,

The solution : End-to-end visibility and compliance at speed

The move to containers triggered a fresh look at security to achieve the ‘ situational awareness ’ necessary to meet customer expectations and support audit activities . Visibility with existing security tools lacked an understanding of the more modern , complex and dynamic environment , in terms of both configuration assurance and runtime controls .

PPRO first explored open-source offerings as a potential solution and considered various options . In the end , given the time necessary to adapt something for their environment – and the resources needed

www . intelligentfin . tech

49