Aqua Security has acquired Argon, a pioneer in software supply chain security. Argon and Aqua now offer the industry’s first solution to secure all stages of software build and release. Shifting further “left,” Aqua Security’s Cloud Native Application Protection Platform (CNAPP) is now the only solution that can protect the full software development lifecycle (SDLC) from code through build to runtime, ensuring the end-to-end integrity of applications.
“With the addition of Argon to the Aqua Platform, we continue to execute on our vision of full lifecycle cloud native protection,” said Dror Davidoff, CEO and Co-Founder, Aqua. “There’s a lot of noise in the growing cloud native security market, but few vendors offer true CNAPP capabilities. The addition of Argon’s unique technology propels Aqua even further ahead of the competition making us the only vendor in the space that fully protects how cloud applications are developed, deployed, and run. We are thrilled to welcome Argon to the family and bring our customers end-to-end cloud native application protection.”
Preventing Software Supply Chain Attacks
The industry is experiencing a dramatic shift in attackers targeting the supply chain with recent high-profile attacks such as SolarWinds and CodeCov. From code theft to code manipulation, bad actors are increasingly exploiting weaknesses in the software delivery pipeline. Enterprises are required to take a proactive, modernised approach to protect the integrity of their software and to secure their customers and products. Aqua’s cyber research team, Nautilus, has also reported on attacks targeting CI/CD tools and the container supply chain.
“Leading cloud services providers are releasing software as frequently as every 15 seconds. Humans cannot keep up with the velocity, and the threat of supply chain attacks has never been greater. The industry demands a new approach,” says Eilon Elhadad, CEO and Co-Founder, Argon. “We believe in Aqua’s vision for cloud native security and its mission to protect enterprises in the cloud. We are eager to join forces and become the only vendor to allow organisations to not only run, but also build software, securely.”
Argon seamlessly connects to existing CI/CD pipelines via an agentless implementation and instantly maps the development environment itself, as well as assets, code, and user activities. The solution prioritises and automates remediation of issues to follow security best practices and compliance rules while ensuring zero-trust deployment. Argon's code-tampering detection technology performs validity checks on every step of the software delivery process to confirm no tampering has occurred, ultimately preventing supply chain attacks.
Today Argon employs 30 team members primarily in R&D, with the majority based in Tel-Aviv. The engineering team is composed of army elite graduates from Israeli Intelligence Unit 8200 and the Israeli Air Force unit Ofek, and brings extensive background in security and software with experience at some of the world’s leading technology companies including Microsoft, Wix, Check Point and Fiverr.
Argon Extends Aqua’s CNAPP Leadership
Aqua Security is the pioneer in securing cloud native environments and is the industry’s leader in CNAPP, offering an integrated platform that embeds controls early in development and seamlessly bakes them in all the way into production, protecting applications wherever they’re deployed.
Argon’s solution complements Aqua’s existing “shift left” capabilities, that include both vulnerability management and Infrastructure-as-Code (IaC) security. Most notably, Aqua’s Dynamic Threat Analysis (DTA), which detects and mitigates advanced threats and unknown malware in third-party container images using a secure sandbox, combined with Argon’s extensive supply chain protection enables Aqua’s customers to trust code regardless of its origin.
“There’s a big difference between seeing what’s in your infrastructure from actually protecting, preventing and stopping attacks in a highly automated environment. This is how Aqua has always differentiated itself from the competition. The addition of Argon’s team and technology is the latest move ensuring we can protect our customers against rising supply chain attack threats,” said Amir Jerbi, CTO and Co-Founder, Aqua.