Aqua Security today announced Aqua Compass, a Model Context Protocol (MCP) server that enables agentic investigation, containment and remediation of runtime incidents, and new runtime risk dashboards. These capabilities help security teams move beyond identifying risk and focus on containing threats in running applications.
Aqua Compass is an MCP server embedded within Aqua's runtime security workflows.
Enables AI agents to analyze, contain, and remediate runtime incidents in seconds.
Generates hardened runtime policies to block malicious behavior immediately.
New runtime risk dashboards convert vulnerabilities into quantified monetary exposure.
Built on Aqua's 11+ years of runtime enforcement inside containerized workloads.
Supports human-in-the-loop oversight for agentic decision-making.
Cloud native development and AI-generated code are dramatically increasing the number of vulnerabilities reaching production environments, while attackers are automating exploitation and compromising systems within minutes. Many organizations now face a growing problem: They can see the risk, but they cannot fix it fast enough. The announcement builds on Aqua's Secure AI capabilities, extending the company's AI innovation from protecting AI applications to applying AI directly to runtime security operations.
Aqua Compass addresses this challenge by introducing an MCP server embedded directly within Aqua's runtime security workflows. Through the MCP interface, customers can build AI agents that interact with Aqua's runtime intelligence and enforcement controls without leaving the environments they already operate in. These agentic workflows enable teams to move from alert to action in seconds, as agents analyze activity, contain vulnerabilities, recommend remediation steps, and support execution with a human in the loop to oversee decisions and maintain control without slowing the response.
Aqua Compass is able to analyze live malware attacks inside a containerized workload, identify the malicious behavior, and recommend specific steps to isolate the compromised pod. The workflow then generates a hardened runtime policy scoped to the affected namespace, immediately blocking similar behavior. Compass enables teams to respond with the speed and precision typically associated with highly experienced analysts. As security teams rapidly shift toward agentic automation to stay ahead of attackers, organizations can begin building security agents on top of Aqua Compass today.
Alongside Compass, Aqua also introduced a new suite of runtime risk dashboards that convert vulnerabilities and misconfigurations into customer-quantified monetary exposure. As runtime controls are enforced, that exposure is continuously recalculated, allowing security teams to measure how risk is being reduced in production environments. By correlating runtime activity, vulnerabilities, and enforcement outcomes, the dashboards translate Aqua's runtime telemetry into operational metrics that show where risk exists and which controls are having the greatest impacts.
These capabilities are made possible by Aqua's runtime visibility and enforcement architecture, developed over more than eleven years of securing containerized applications in production. Aqua's agent-based enforcement operates directly inside running workloads, providing sophisticated runtime telemetry and enabling patented enforcement techniques that stop exploitation in real time. Combined with adversary intelligence from Aqua's Nautilus research team and telemetry from millions of protected workloads, this foundation allows Aqua to translate runtime activity into meaningful risk insights through its dashboards while enabling Compass to investigate attacks and generate containment policies that can be enforced immediately in production environments.
Conclusion
As Mike Dube, CEO of Aqua Security, stated: "The industry spent the last decade building visibility into cloud environments, but visibility alone does not stop attacks. Vulnerabilities are being exploited faster than organizations can remediate them, which means the old model is becoming obsolete. The future of cloud is autonomous runtime security. With more than a decade of embedding enforcement directly inside production workloads and patented innovations in runtime security, Aqua is uniquely positioned to secure cloud native environments today and into the future." To learn more about Aqua's latest runtime security innovations, request a demo or visit the blog.
About Aqua Security
Aqua Security protects what runs in the cloud. The Aqua Platform monitors the real behavior of running workloads to determine which vulnerabilities and actions actually impact live applications. It evaluates images before deployment, observes workloads in production, and enforces policy at runtime to contain and mitigate unsafe actions. Founded in 2015, Aqua is headquartered in Boston, MA and Ramat Gan, Israel, and protects more than 500 of the world's largest enterprises.
TechIntelPro empowers B2B technology decision-makers with the latest industry trends, deep insights, leadership perspectives and actionable intelligence to drive both organizational and professional milestones—and thrive on the tech pulse.