Cloud native application protection platform delivering full-lifecycle container and Kubernetes security with AI-powered behavioral analytics for runtime threat detection. The dedicated Secure AI module extends protection to LLM workloads, detecting OWASP Top 10 for LLM risks, model poisoning, and prompt injection while maintaining supply chain integrity through SBOM generation.
| Tier | Price | Includes |
|---|---|---|
| Cloud Security | Contact sales | — |
| Dev Security | Contact sales | — |
| Platform | Contact sales | — |
Aqua adds runtime behavioral detection on top of CNAPP, including LLM workload monitoring.
Aqua scans container images in CI for vulnerabilities and misconfigurations, then runs the Enforcer agent on every node to profile baseline container behavior at runtime. Containers that deviate from that baseline, for example through unexpected outbound connections, file writes outside expected paths, or privilege escalation, are killed in-line. The Secure AI module extends the same telemetry to LLM workloads, watching for prompt injection, model poisoning, and OWASP LLM Top 10 abuse patterns.
Who it's for. Security and platform teams of 10 to 100 engineers running containerized workloads at scale, especially shops deploying ML inference services next to traditional microservices. A canonical scenario: a model-serving pod begins making outbound calls to an unknown external API, and Aqua's runtime engine detects the behavioral anomaly, kills the pod, and posts the full process tree to the security channel.
Tradeoffs. Sales-only across all three tiers with no free evaluation path. Runtime protection is agent-based, which adds operational overhead and runs counter to the agentless trend that Wiz and Orca have established. The agent footprint can be material on dense nodes.
Compare: Wiz, Orca Security, Sysdig, Prisma Cloud