TechNet Cyber Supporting Partner Opportunities


Stand Out in the Crowd! If branding, lead generation and market visibility are important to your organization, the supporting partner opportunities available at TechNet Cyber 2023 are exactly what you need. This event attracts over 4,000 cyber security professionals, who want to see the leading industry solutions, and take part in networking and business building opportunities.

Have an idea for a supporting partner opportunity you don't see listed below? Let us know! We are happy to discuss possibilities with you. Contact us today!

Deadline to purchase a Supporting Partnership is April 13th.

Aqua Security  

Burlington,  MA 
United States
https://www.aquasec.com/solutions/federal/
  • Booth: SPONSORS

Aqua Security stops cloud native attacks across the application lifecycle and is the only company with a $1M Cloud Native Protection Warranty to guarantee it. Aqua helps government reduce risk while building the future of their agencies. The Aqua Platform is the industry's most integrated Cloud Native Application Protection Platform (CNAPP), protecting the application lifecycle from dev to cloud & back. Aqua’s CNAPP helps agencies address, comply & execute on EO 14028, OMB M-22-09 & BOD 23-01.


 Press Releases

  • U.S. Army to realize cloud security modernization and innovation with the Aqua Platform

    BOSTON, MA – Aqua Security, the pioneer in cloud native security, today announced it has won a multi-million-dollar contract with the U.S. Army to provide cloud native application protection platform (CNAPP) security. Under this contract, Aqua Security will provide technology and services that will enable the Army to expand their cloud, implement zero trust architecture, and enable secure, rapid software development enhancing cloud operations to achieve mission assurance.

    “Our team looks forward to helping the Army achieve their seven strategic objectives and meet their commitment to centralizing operations to accelerate modernization to the cloud,” said Al Nieves, Vice President Federal Sales, Aqua Security. “Aqua’s CNAPP will help contribute to the Army’s ability to determine and implement changes to existing solutions and meet global cloud zero trust capabilities."

    The U.S. Army is one of many federal agencies turning to Aqua Security to protect their cloud native applications.

    Aqua’s Unified Platform

    The Aqua Cloud Security Platform is a CNAPP solution comprised of a fully integrated set of security and compliance capabilities to discover, prioritize, and eliminate risk in minutes across the full software development life cycle. Automated policies for shift-left prevention and runtime detection and response reduce the attack surface and mitigate active attacks—before damaging losses can occur.

    To learn more about Aqua’s Federal Division, please visit Aquasec.com.

    About Aqua Security

    Aqua Security stops cloud native attacks across the application lifecycle and is the only company with a $1M Cloud Native Protection Warranty to guarantee it. We see what others don’t and we stop what others can’t. Aqua helps the U.S. Federal Government reduce risk while building the future of their agencies. The Aqua Platform is the industry's most integrated Cloud Native Application Protection Platform (CNAPP), protecting the application lifecycle from dev to cloud and back. Aqua’s CNAPP helps agencies address, comply, and execute on Executive Order 14028, OMB M-22-09, and various binding operational directives including BOD 23-01. Founded in 2015, Aqua is headquartered in Boston, MA. For more information, visit https://www.aquasec.com/solutions/federal/

    Contact:

    Look Left Marketing

    aqua@lookleftmarketing.com

  • Five Fortune 500 companies and thousands of organizations worldwide potentially exposed to software supply chain attacks

    BOSTON—April 24, 2023—Aqua Security, the pioneer in cloud native security, today announced that its security research team, Aqua Nautilus, discovered 250 million artifacts and 65,600 container images that were exposed via thousands of misconfigured container images, Red Hat Quay registries, JFrog Artifactory and Sonatype Nexus artifact registries. Many contained highly confidential and sensitive proprietary code and secrets, leaving five Fortune 500 and thousands of other companies at risk.

    Registries and artifact management systems are crucial elements within the software supply chain, making them a prime target for threat actors. While many organizations open their container and artifact registries to the outside world deliberately and by design, they are sometimes unaware of, or unable to control sensitive information and secrets that leak into these registries. When attackers are able to gain access, they can potentially exploit the entire software development life cycle (SDLC) toolchain and its stored artifacts. Aqua’s research found that in some cases organizations have failed to properly secure these highly critical environments and in other cases sensitive information leaked into open source spaces, leaving these environments exposed to the internet and vulnerable to exploitation, which can lead to serious and damaging attacks.
     

    “We began our research with the goal to better understand misconfigurations in registries, the companies behind these misconfigurations and how a skilled attacker would take advantage of exposed and misconfigured registries,” said Assaf Morag, lead threat researcher for Aqua Nautilus. “The findings were both surprising and highly concerning. Given the magnitude of the risks we uncovered, we set out to find and alert the impacted companies.”

    The findings included:

    • Nautilus found sensitive keys including secrets, credentials, or tokens, on 1,400 distinct hosts, and private sensitive addresses of end points, such as Redis, MongoDB, PostgreSQL, or MySQL, on 156 hosts.
    • Researchers also found 57 registries with critical misconfiguration, and 15 of these allowed admin access with the default password.
    • Nautilus detected more than 2,100 artifact registries with upload permissions, which may allow an attacker to poison the registry with malicious code. In some cases, anonymous user access allowed a potential attacker to gain sensitive information, such as secrets, keys, and passwords, that could be used to launch a severe software supply chain attack or poisoning of the SDLC.
    • Companies impacted ranged from small to large organizations — including two large cyber security vendors —all over the world.

    IBM, one of the affected Fortune 500 companies, had an internal container registry exposed to the internet and was quick to close internet access to these environments and mitigate all the risks after Nautilus disclosed their findings. Other potentially impacted organizations included Alibaba, Siemens, and Cisco.

    Nautilus discovered that many organizations did not have a responsible disclosure program in place. These programs are crucial tools that allow security researchers to report potential vulnerabilities in a structured manner so that the organization can quickly resolve the issue before being compromised by malicious actors. Nautilus found that organizations with existing responsible disclosure programs were able to fix a misconfiguration in less than a week. The process was more difficult and time-consuming for those without such a program in place.

    “These findings by Aqua Nautilus highlight the need for increased awareness regarding software supply chain security best practices among developers and application security teams,” notes Katie Norton, Senior Research Analyst, DevOps & DevSecOps at IDC. “The explosion in code and use of open source, coupled with DevOps practices in rapid application development and delivery has left organizations behind and needing to catch up in terms of governance, security controls, and education.”

    On the back of these findings, Nautilus researchers recommend security teams take the following actions immediately:

    ●      Check if any registries or artifact management systems are exposed to the internet.

    ●      If the registry is connected to the internet by design, check that the version isn’t critically vulnerable and that you are not using the default password. Then verify that the passwords are strong enough and regularly rotate passwords.

    ●      In addition, verify that the anonymous user is disabled. If the anonymous user is purposely enabled, verify minimal privileges, and regularly scan your public artifacts in your repository to verify they do not contain any secrets or sensitive information.

    ●      Rotate any secrets that may have been exposed.

    “Our findings illustrate how easy it is for an attacker to compromise an organization’s SDLC as well as underscore the serious threat of overlooking simple configuration errors,” said Morag. “Moving forward, security teams should ensure they have responsible disclosure programs in place and invest more in detecting and mitigating threats to the software supply chain.”

    For more information, Aqua Nautilus published a blog and a checklist detailing the research findings and offering a list of best practices companies should take to protect against misconfigurations and potential security threats.

    About Aqua Nautilus

    Nautilus focuses on cybersecurity research of the cloud native stack. Its mission is to uncover new vulnerabilities, threats and attacks that target containers, Kubernetes, serverless, and public cloud infrastructure — enabling new methods and tools to address them. With a global network of honeypots, Aqua Nautilus catches more than 80,000 cloud native attacks every month, specifically those unique to containers and microservices that other platforms cannot see.

    About Aqua Security

    Aqua Security stops cloud native attacks across the application lifecycle and is the only company with a $1M Cloud Native Protection Warranty to guarantee it. As the pioneer in cloud native security, Aqua helps customers reduce risk while building the future of their businesses. The Aqua Platform is the industry's most integrated Cloud Native Application Protection Platform (CNAPP), protecting the application lifecycle from dev to cloud and back. Founded in 2015, Aqua is headquartered

    in Boston, MA and Ramat Gan, IL with Fortune 1000 customers in over 40 countries. For more information, visit https://www.aquasec.com/.

    Contact:

    Look Left Marketing

    aqua@lookleftmarketing.com

  • BOSTON — March 20, 2023 Aqua Security, the pioneer in cloud native security, today announced that it has been named as a Representative Vendor in Gartner® Market Guide for Cloud-Native Application Protection Platforms (CNAPP).the Gartner® Market Guide for Cloud-Native Application Protection Platforms (CNAPP). The new Gartner report examines the extensive CNAPP market and its growth potential, and it names representative vendors.

    Gartner describes CNAPPs as “offerings that bring together multiple disparate security and protection capabilities into a single platform, focused on identifying and prioritizing excessive risk of the entire cloud-native application and its associated infrastructure.” According to Gartner: “As organizations shift to a CNAPP-based approach, the synergy of an integrated platform will provide more benefits than a best-of-breed strategy that is difficult to scale.”

    “We believe Gartner analysis of the market is similar to our approach and vision for Aqua,” said Amir Jerbi, CTO and co-founder of Aqua Security. “We feel its emphasis on the benefits of using a vendor that provides an integrated platform further demonstrates that Aqua is on the cutting edge, leading the industry for cloud native security solutions.”

    Best Approaches with Runtime and eBPF

    Gartner emphasizes that security leaders responsible for cloud security strategies should: “Favor CNAPP vendors that provide a variety of runtime visibility techniques, including traditional agents, Extended Berkeley Packet Filter (eBPF) support, snapshotting, privileged containers and Kubernetes (K8s) integration to provide the most flexibility at deployment.”

    In addition, Gartner states “Agentless workload scanning has become a popular approach and an expected core CNAPP capability, although in-workload approaches provide the best protection.”

    Aqua’s runtime security solution was organically developed by Aqua and is integral to the Aqua CNAPP. The Aqua Platform was the first CNAPP to combine active protection with agentless workload visibility. Based on eBPF technology, Aqua’s Lightning agent is faster, lighter, and easier to manage at scale than the agents of yesterday. It complements Aqua’s agentless cloud workload scanning to provide easy, comprehensive visibility while delivering real-time, granular runtime detection and protection.  

    Supply Chain Security

    Regarding software supply chain security, Gartner states that the attack surface of cloud-native applications is increasing, and attackers are targeting the software supply chain itself.  According to Gartner, “Over time, these types of capabilities will be incorporated by larger CNAPP offerings.”

    Aqua is ahead of the curve and has already integrated end-to-end supply chain security into the Aqua Platform.

    One Integrated Platform

    Gartner recommends that Security Leaders should “Reduce complexity and improve the developer experience by choosing integrated CNAPP offerings that provide complete life cycle visibility and protection of cloud-native applications across development and staging and into runtime operation.”

    “From day one, our vision at Aqua has been crystal clear: to deliver a single end-to-end security solution for the entire cloud native application lifecycle in one holistic platform. We’ve always believed that to be a true CNAPP, a solution must include both shift-left scanning, broad visibility, and crucially strong runtime controls that can detect and stop attacks in progress,” adds Jerbi.

    Access a complementary version of the Gartner full Market Guide for CNAPP or learn more about Aqua’s CNAPP.

    GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, and is used herein with permission. All rights reserved.

    Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

    About Aqua Security

    Aqua Security stops cloud native attacks across the application lifecycle and is the only company with a $1M Cloud Native Protection Warranty to guarantee it. As the pioneer in cloud native security, Aqua helps customers reduce risk while building the future of their businesses. The Aqua Platform is the industry's most integrated Cloud Native Application Protection Platform (CNAPP), protecting the application lifecycle from dev to cloud and back. Founded in 2015, Aqua is headquartered

     in Boston, MA and Ramat Gan, IL with Fortune 1000 customers in over 40 countries. For more information, visit https://www.aquasec.com/.

    Media Contact:
    Jennifer Tanner

    Look Left Marketing

    aqua@lookleftmarketing.com

  • Techstrong Recognizes the Aqua Platform for Its CNAPP Innovation and Market Leadership

    BOSTON— January 18, 2023—Aqua Security, the leading pure-play cloud native security provider, today announced that it has been named the Best Cloud Native Security Solution/Service in Techstrong Group’s DevOps Dozen Awards. Aqua was honored for its innovative Cloud Native Application Protection Platform (CNAPP) and influential commitment to the DevOps and security community. 

    "The term ‘cloud-native security’ was literally coined by AquaSec. They continue to be a market leader, innovating to keep their users safe and secure,” said Alan Shimel, founder and CEO at Techstrong Group. “We are proud to honor them with this year’s cloud-native security provider award.”
     

    As the industry pioneer, Aqua is committed to advancing cloud-native security to help its customers solve security challenges for the new cloud-native application stack. Aqua secures customers’ cloud-native assets from day one and protects them in real time with the industry’s most integrated CNAPP backed by a $1M warranty. After expanding its platform with Software Supply Chain Security, it is the only end-to-end solution that can identify risks in every phase of the application lifecycle.
     

    “Since inception, Aqua’s mission has been to help organizations holistically protect their cloud-native applications and reduce risks to their business,” said Dror Davidoff, CEO at Aqua Security. “We’re delivering on that mission by consolidating tools and providing one platform — from development to cloud and back. This award validates Aqua’s leadership and technology and is a true testament to our commitment to protecting our customers.”
     

    The DevOps Dozen Tools and Services category recognizes the companies who create and deliver outstanding solutions to empower developers, DevOps and IT operations teams. This award comes on the heels of several other innovation accolades. In the second half of 2022, Aqua Security was named the “Top Innovation Leader” in the Frost & Sullivan Global Cloud-Native Application Protection Platform Report, a Leader in the 2022 GigaOm Radar Report for Vulnerability Management, and was named Cybersecurity Company of the year.

    To learn more about the Aqua Platform, visit our website, or download our white paper “A CISO’s Guide to CNAPP” for a detailed look at the key ingredients to stopping a cloud native attack. 


     

    About Aqua Security  

    Aqua Security stops cloud native attacks and is the only company with a $1M Cloud Native Protection Warranty to guarantee it. As the pioneer and largest pure-play cloud native security company, Aqua helps customers unlock innovation and build the future of their business. The Aqua Platform is the industry's most integrated Cloud Native Application Protection Platform (CNAPP), prioritizing risk and automating prevention, detection and response across the lifecycle. Founded in 2015, Aqua is headquartered in Boston, MA and Ramat Gan, IL with Fortune 1000 customers in over 40 countries. For more information, visit https://www.aquasec.com/.  

    Contact:

    Jennifer Tanner

    Look Left Marketing

    aqua@lookleftmarketing.com


     

Contact this Exhibitor/Sponsor

Type your information and click "Send Email" to send an email to this exhibitor. To return to the previous screen without saving, click "Reset".