TNS
VOXPOP
Will JavaScript type annotations kill TypeScript?
The creators of Svelte and Turbo 8 both dropped TS recently saying that "it's not worth it".
Yes: If JavaScript gets type annotations then there's no reason for TypeScript to exist.
0%
No: TypeScript remains the best language for structuring large enterprise applications.
0%
TBD: The existing user base and its corpensource owner means that TypeScript isn’t likely to reach EOL without a putting up a fight.
0%
I hope they both die. I mean, if you really need strong types in the browser then you could leverage WASM and use a real programming language.
0%
I don’t know and I don’t care.
0%
Cloud Services / Security

Aqua Security Puts Its Money Where Its Claims Are

Aqua Security puts its money where its mouth is with a new $1 Million Cloud Native Protection Warranty.
Jul 28th, 2022 10:35am by
Featued image for: Aqua Security Puts Its Money Where Its Claims Are
Featured image by Ronny Overhate from Pixabay.

Recently Aqua Security, a cloud native security provider, announced its open source security scanner Aqua Trivy could scan just about any cloud native resources for security problems. Sounds good, but can Aqua really protect you from all possible attacks? Well, they’re willing to bet a million bucks they can protect your systems from attackers.

Dror Davidoff, Aqua Security CEO and co-founder, said, “Aqua is the only vendor that can thwart attacks across the entire development lifecycle and stop attacks when they matter most: in production. The best way to demonstrate confidence in our platform is to put our reputation on the line with a warranty. No one else in our space can make this claim.”

$1 Million in Protection

The company is doing it with the first, and so far, only, $1 Million Cloud Native Protection Warranty. The warranty claims its Cloud Native Application Protection Platform (CNAPP), can stop any and all cloud native attacks. You get the warranty at no cost to all customers when you fully deploy the Aqua Platform. If an attacker gets through, Aqua will pay up to a cool million in the event of a proven successful attack.

Of course, the devil’s in the details. Simply claiming that you’ve been hacked won’t cut the mustard.

Instead, the “Cloud Native Attack” must include — deep breath — “unauthorized access by a third party to the operating system of a host protected by the Aqua Platform that results in the malicious exfiltration, destruction, and/or irreversible encryption of the company’s data, which the company believes is substantial (has to value over $5,000). This will be evaluated and determined by Aqua’s cloud native research team, Aqua Nautilus.”

Aqua Nautilus will also require a full export of the customer configuration and access to your deployment’s Aqua’s audit page. In other words, if something goes wrong, Aqua wants to know what it was.

Minimum Requirements

You must be a customer with a minimum of a 1-year Aqua Software-as-a-Service (SaaS) subscription of at least $200,000. Your Aqua Platform subscription must also include the container and K8s Security and Advanced Malware Protection components. These must be running in all production workloads, and you must adhere to best practices.

Oh, and sign the Warranty Agreement! Doh!

If with all that you’re hacked, the warranty pays out in the amount of $1,000 prorated on an annual basis, per affected host, up to 1,000,000 annually.

If you are hacked, you notify Aqua within 24 hours of becoming aware of the attack. Aqua will tell you what to do from there — and help you fend off the attacker.

There are exclusions, of course. They boil down to “Don’t be an idiot.” I’m sure a lawyer could put it better, but you get the idea.

Group Created with Sketch.
TNS owner Insight Partners is an investor in: Simply, Aqua Security.
THE NEW STACK UPDATE A newsletter digest of the week’s most important stories & analyses.