Introduction to Aqua Security
Aqua Security, established in 2015, pioneers in securing containerized cloud native applications throughout their lifecycle. With their Cloud Native Application Protection Platform (CNAPP), they serve over 500 enterprise clients, integrating security from code to cloud deployment.
The Data Export Challenge
As Aqua’s customer base grew, they faced significant challenges in data management:
- Managing massive volumes of enterprise-level security data
- Maintaining internal control of sensitive security findings
- Ensuring secure handling of customer environment data
Technical Solution Implementation
Aqua implemented a robust solution utilizing AWS services, primarily focusing on:
- Aurora PostgreSQL-Compatible database for data storage
- aws_s3.query_export_to_s3 function for efficient data export
- Step Functions state machine for process orchestration
- Lambda functions for specific task execution
Key Solution Components
The implementation features a sophisticated pipeline including:
- Scheduler Lambda function triggered by CloudWatch
- Query exporter function for data extraction
- S3 bucket integration for data storage
- Poller function for job status monitoring
- Data transfer mechanism to customer-specified locations
Benefits and Results
The solution delivered significant advantages:
- Enhanced scalability for large-scale data export
- Cost-effective storage and processing
- Automated workflow reducing manual intervention
- Improved security operations and monitoring
This integration exemplifies how organizations can leverage AWS services for efficient data management and security operations at scale.