Will JavaScript type annotations kill TypeScript?
The creators of Svelte and Turbo 8 both dropped TS recently saying that "it's not worth it".
Yes: If JavaScript gets type annotations then there's no reason for TypeScript to exist.
No: TypeScript remains the best language for structuring large enterprise applications.
TBD: The existing user base and its corpensource owner means that TypeScript isn’t likely to reach EOL without a putting up a fight.
I hope they both die. I mean, if you really need strong types in the browser then you could leverage WASM and use a real programming language.
I don’t know and I don’t care.
Cloud Native Ecosystem / Containers / Security

Aqua Security Automates Configuration Vulnerability Remediation

Aqua Enterprise introduces a SaaS version of Aqua Security's enterprise offering, on top of its existing self-hosted version, and adds some capabilities for securing workloads at runtime.
Jul 30th, 2020 8:04am by
Featued image for: Aqua Security Automates Configuration Vulnerability Remediation

Cloud native security company Aqua Security has launched two new offerings, with a handful of new features alongside them, both for the cloud native newcomer as well as the enterprise already well on its cloud native journey. First, Aqua Wave is a SaaS-only offering that works to secure both applications as they are built as well as the infrastructure they are deployed on. Second, Aqua Enterprise introduces a SaaS version of Aqua Security’s enterprise offering, on top of its existing self-hosted version, and adds some capabilities for securing workloads at runtime.

“They’re really intended to serve what we see as a variety of maturity levels within the market. Even larger enterprises will run on Aqua Wave of securing hundreds of cloud accounts, but they just don’t go as deep as the Aqua Enterprise capabilities. So, it’s the breadth versus depth as opposed to just breadth,” said Rani Osnat, vice president of strategy at Aqua Security. “Aqua Wave is intended for people who are either in an earlier stage of their cloud native journey or are more interested in the infrastructure aspects of securing their public cloud. It includes our cloud security posture management (CSPM) products, which allow you to audit as well as remediate various settings in your cloud account settings and services across AWS, Azure GCP and Oracle Cloud but also adds scanning capabilities for container images, as well as dynamic threat analysis.”

Osnat said that the company previously had a platform called Aqua CSP and that they “added some capabilities to it and repackaged it” as Aqua Enterprise, also adding on this SaaS capability. In addition to the launch of these two new offerings, Osnat pointed to a few standout features that were launched with this release.

Included in the release of Aqua Wave is an updated version of Aqua Cloud Security Posture Management (CSPM), which now takes support for Google Cloud Platform (GCP) and Oracle Cloud out of beta, offers scanning of Terraform and AWS CloudFormation, as well as Vulnerability Scanning and Dynamic Threat Analysis product, both integrated as options.

Beyond simply scanning, however, CSPM now provides auto-remediation features.

“It’s this notion where we don’t just review your settings and say ‘this needs to be fixed,’ we also tell you how to fix it and give you the option of letting us fix it for you,” said Osnat. “And we do this in a very granular fashion, because if you think about it from a security standpoint, we’re a third party vendor. You don’t want to give us the keys to your kingdom to go fixing your cloud configuration automatically. You want it to be very selective.”

Instead of granting blanket access, Osnat explained, they use tokens that can provide Aqua with granular access to individual services or even just one setting within a service.

On the Aqua Enterprise side of things, the company introduced a risk-based insight feature, which prioritizes vulnerabilities according to specific, contextual customer environment risks — for example, whether or not the vulnerabilities are present in non-running legacy code that is kept around for compliance purposes or, more urgently, is present in code running in production. Aqua also introduced multi-application role-based access control (RBAC), which makes it easier to determine who has access to what in the more distributed development environments more common in enterprises.

Aqua Wave and Aqua Enterprise, as well as the previously introduced Aqua Dynamic Threat Analysis, are all now generally available.

Feature image by Theme Photos on Unsplash.

At this time, The New Stack does not allow comments directly on this website. We invite all readers who wish to discuss a story to visit us on Twitter or Facebook. We also welcome your news tips and feedback via email:

Group Created with Sketch.
TNS owner Insight Partners is an investor in: The New Stack, Aqua Security.
THE NEW STACK UPDATE A newsletter digest of the week’s most important stories & analyses.