Application Security , Next-Generation Technologies & Secure Development , Video

Aqua CEO on Why Cloud-Native Apps Need Supply Chain Security

Aqua's Dror Davidoff Shares How Open-Source Repositories Create Risk for Cloud Apps
Dror Davidoff, co-founder and CEO, Aqua Security (Photo: Aqua Security)

Software has increasingly relied on components developed by third parties or from open-source libraries, which Aqua Security CEO Dror Davidoff warns injects additional risk into application development.

See Also: Infographic I NGINX 101

On-premises environments are still managed in more traditional ways, with the development and production phases completely siloed and the process lasting up to a month, Davidoff says. But in cloud-native environments, applications can be created, packaged and pushed into production in just hours, he says, while the push to take code from open-source repositories has created new areas of exposure (see: Israeli Security Companies CrowdStrike Could Buy for $2B).

"The constant pulling of different components of code from open-source repositories has created some unique challenges within the cloud-native application environment," Davidoff says. "This is true in more and more environments. But the cloud area is where we see the biggest exposure of the problem."

Information Security Media Group spoke with Davidoff before Aqua Security revealed it has laid off 10% of its employees, which Globes and Calcalist say totals 20 employees in Israel and 65 workers globally. The cuts will allow Aqua to strike a better balance between growth and profitability amid the economic downturn, Davidoff told Aqua employees in a message that was posted to the company's website Monday.

"As economic conditions change, we find ourselves once again focused on the responsible path," Davidoff wrote. "These changes were necessary to enable us to refocus on our core strengths and drive efficient growth in 2023 and beyond."

In this video interview with ISMG, Davidoff also discusses:

  • The biggest drivers behind Aqua's 100% year-over-year revenue growth;
  • How Aqua's approach to cloud security differs from Lacework, Orca and Wiz;
  • Why implementing runtime controls around cloud workloads is so critical.

Davidoff has more than 20 years of experience in sales management, marketing and business development in the enterprise software space. He has held executive positions at several emerging IT security and analytics companies. Before co-founding Aqua in 2015, Davidoff headed up global sales of database security products at McAfee (Intel Security), and prior to that he was executive vice president of sales and business development at Sentrigo, where he led its fast market share increase.


About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.