Aporeto is a developer-centric, cloud-native security company that makes distributed applications secure by default without impacting developer speed. Its enterprise cloud-native security solutions are easy to manage and purpose-built for modern, agile distributed systems based on containers, microservices, and serverless architectures as well as legacy applications.
Aporeto’s enterprise cloud-native security solutions work at any scale on public, private or hybrid clouds.
Features and Benefits
Manage security via identity, not IP addresses
Identity attributes with Aporeto are key-value pairs that are derived automatically or provided as part of your standard application delivery pipeline (e.g. a Docker label or the Kubernetes NetworkPolicy resource). With these attributes, you can create security policies for network access, storage, image signatures & vulnerabilities, and API access. Your security policies will be based on more relevant context than underlying infrastructure information, like VLANs and IP addresses.
Multi-cloud, multi-availability zone application security without networking complexity
The Aporeto Enforcer also solves the problems of ingress/egress traffic control to external services and multi-cluster deployments.
Distribute your applications and clusters across multiple availability zones. Aporeto will seamlessly perform end-to-end authentication, authorization, and encryption in all communications without complex VPN tunnels and security rules.
Lightweight, portable, scalable security
The Aporeto Enforcer component can run as a container in various container management platforms (Docker, Kubernetes, and OpenShift, for example), or in any other Linux form factor, such as a bare-metal Linux process or even a systemd process. For container-to-container traffic, network enforcement is based on attributes passed in the TCP 3-way handshake, without complicated iptables rules.
Set-and-forget cloud-native security
Once Aporeto has been configured, security for your application is transparent to your developers, who can now concentrate on specific application and microservice functionality rather than having to code in security. With Aporeto, your cloud-based services are Zero-Trust Network ready, via automatic mutual authentication, mutual authorization, and encryption.
Aporeto developer-centric enterprise security secures heterogeneous environments that include systemd, Linux, and container management platforms on any cloud and at any scale.
To experience a subset of Aporeto's data path security functionality, you may download and install Trireme, our open source project.
- Primed For
- OpenShift Origin 1.3
- Primed On