Taking The Big Leap in Cloud Application Security (or Cloud-Native Security).

Our Investment in Aqua.

We’re very excited to be joining forces with Aqua just as the container market is emerging. While containers and Aqua specifically have shown tremendous growth, the market is still in its infancy — we see this as an exciting opportunity.

Containers are not just for web-scale companies like Facebook and Netflix anymore. Enterprise companies are adopting containers across industries and across geographies. This is happening via grass-roots, bottom-up projects driven by DevOps teams, as well as enterprise-wide, top-down design initiatives that recognize that containers can drive hybrid cloud strategies, agile application delivery, and cost savings.

Aqua is at the nexus of several forces that are shaping the present and future of enterprise IT and, as a result, of how enterprises approach security:

● The DevOps movement with its drive to create more fluid, dynamic application delivery has been around before containers, but containers are making it a lot easier to adopt and scale.

● Cloud has also been around for a while, and is seeing a surge in adoption with real competition emerging in what is a space still dominated by AWS. But containers make migration to the cloud easier, and make it possible to realize true hybrid-cloud strategies.

● Cloud-native, microservices-based architecture are changing how applications are built and deployed. This again is enabled by containers in a major way, driving the adoption of an entirely new stack of tools.

What does this mean for security? Well, for starters, security is becoming an enabler instead of an inhibitor. The kind of security provided by Aqua’s platform drives innovation forward, makes application delivery at DevOps speed possible in a secure way, removing obstacles instead of creating them.

As applications move to the cloud, the focus of security team fundamentally changes from focusing on infrastructure, network security and identity management to the higher layers of application security. This is because much of the basics are taken care of by the infrastructure and the cloud provider. If you’re running applications on Azure, it is Azure that ensures that no unauthorized users will have access to your VMs, and that no intruder will be able to traverse their network by invading another customer’s VM. But securing the application is still your responsibility — the cloud provider won’t touch that.

These trends will render many of the existing security tools and approaches obsolete. Aqua is bringing about a truly disruptive change. Aqua’s approach of providing full lifecycle security for containerized applications not only makes sense, it is necessary in order to manage and simplify the disruptive aspects of containers: the speed at which they are developed and deployed, the visibility required to understand their actions, the control points needed to prevent attacks, and the automation to handle it all.

We were impressed by Aqua’s technology and vision, but even more impressed by the team and its track record in working with some of the largest enterprise container deployments. Aqua’s roster of customers includes some of the world’s largest banks, insurers, retailers, software companies and manufacturers who they are partnering with to help transform those organizations’ application infrastructure.

This is why Lightspeed is looking forward to work with the Aqua team in driving market adoption of its solutions, realizing the vision of superior security and agility, and meeting the demand of this exciting market.

— Ravi Mhatre and Yoni Cheifetz, Lightspeed Venture Partners