Application Security , Next-Generation Technologies & Secure Development , Video

Aqua CEO on Why Cloud-Native Apps Need Supply Chain Security

Software has increasingly relied on components developed by third parties or from open-source libraries, which Aqua Security CEO Dror Davidoff warns injects additional risk into application development.

See Also: Single Tool Security | Prisma® Cloud for Your Multi-cloud, Hybrid, and Microservice Environments

On-premises environments are still managed in more traditional ways, with the development and production phases completely siloed and the process lasting up to a month, Davidoff says. But in cloud-native environments, applications can be created, packaged and pushed into production in just hours, he says, while the push to take code from open-source repositories has created new areas of exposure (see: Israeli Security Companies CrowdStrike Could Buy for $2B).

"The constant pulling of different components of code from open-source repositories has created some unique challenges within the cloud-native application environment," Davidoff says. "This is true in more and more environments. But the cloud area is where we see the biggest exposure of the problem."

Information Security Media Group spoke with Davidoff before Aqua Security revealed it has laid off 10% of its employees, which Globes and Calcalist say totals 20 employees in Israel and 65 workers globally. The cuts will allow Aqua to strike a better balance between growth and profitability amid the economic downturn, Davidoff told Aqua employees in a message that was posted to the company's website Monday.

"As economic conditions change, we find ourselves once again focused on the responsible path," Davidoff wrote. "These changes were necessary to enable us to refocus on our core strengths and drive efficient growth in 2023 and beyond."

In this video interview with ISMG, Davidoff also discusses:

• The biggest drivers behind Aqua's 100% year-over-year revenue growth;
• How Aqua's approach to cloud security differs from Lacework, Orca and Wiz;
• Why implementing runtime controls around cloud workloads is so critical.

Davidoff has more than 20 years of experience in sales management, marketing and business development in the enterprise software space. He has held executive positions at several emerging IT security and analytics companies. Before co-founding Aqua in 2015, Davidoff headed up global sales of database security products at McAfee (Intel Security), and prior to that he was executive vice president of sales and business development at Sentrigo, where he led its fast market share increase.