Products
SHARE
Facebook X Pinterest WhatsApp

Aporeto: Container Security Product Overview and Analysis

See our complete list of top container and Kubernetes security vendors Company Fundamental to Aporeto’s approach is the principle that everything in an application is accessible to everyone and could be compromised at any time. The company was founded in 2015 with company headquarters in San Jose, CA. The company is led by CEO Jason […]

Written By
thumbnail Sean Michael Kerner
Sean Michael Kerner
Dec 26, 2018
eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More

Aporeto

See our complete list of top container and Kubernetes security vendors

Company

Fundamental to Aporeto’s approach is the principle that everything in an application is accessible to everyone and could be compromised at any time. The company was founded in 2015 with company headquarters in San Jose, CA. The company is led by CEO Jason Schmitt, formerly of HPE, with co-founders from Nuage, Cisco and VMware.

Products

Aporeto uses application context to enforce authentication, authorization, and encryption policies for applications. With Aporeto, enterprises implement a uniform security policy decoupled from the underlying infrastructure, enabling workload isolation, API access control and application identity management across public, private or hybrid clouds.

The Aporet product has two core components :

  • A SaaS security orchestrator for policy management and visibility of application dependencies across a heterogeneous environment.
  • An enforcer that performs distributed policy enforcement. The enforcer can be deployed as an agent, a Kubernetes daemon-set, a privileged container, a sidecar or a customer authorizer for API gateways.

Key Features

  1. Zero Trust policy enforcement for workload segmentation independent of infrastructure: Authenticate and Authorize requests both at L4 (TCP) and L7 (HTTP) between workloads or between a user and a workload. A workload can be container, process or serverless. Policy is defined centrally but enforced in a distributed manner. Policy enforcement works independent of IP addresses and applicable to workloads on public or private clouds.
  2. Service Identity: In order to authenticate and authorize a persistent workload, identity is required. Aporeto assigns workloads (container or process) a cryptographically signed service identity independent of IP infrastructure.
  3. Application visibility for compliance: Dependency maps across all applications protected by Aporeto independent of the infrastructure on which the application is deployed.
  4. Runtime visibility: For containers, Aporeto offer runtime visibility of interactions between the container and the host and enforcement of runtime policies.

Product Performance Metrics

The use of service identity independent of IP infrastructure for policy enforcement allows the solution to scale to tens of thousands of hosts. Performance overhead is very minimal for Layer 4 enforcement. Only TCP connection establishment is in the enforcer data path. Once a connection is mutually authenticated and authorized, the enforcer is no longer in the data path.

Delivery

SaaS service with options for custom deployments for regulated industries

Pricing

Subscription pricing model

thumbnail Sean Michael Kerner

Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.

Recommended for you...

thumbnail Proxy vs VPN: Which One Do You Really Need?
Products
Proxy vs VPN: Which One Do You Really Need?
Matt Gonzales
Sep 24, 2025
thumbnail 5 AWS Security Tools Every Team Should Know
Products
5 AWS Security Tools Every Team Should Know
Matt Gonzales
Sep 24, 2025
thumbnail The 6 Best Email Security Software & Solutions (Compared and Reviewed)
Products
The 6 Best Email Security Software & Solutions (Compared and Reviewed)
Matt Gonzales
Sep 24, 2025
thumbnail 5 Best Free VPNs You Can Trust (And the Premium Trials Worth Trying)
Products
5 Best Free VPNs You Can Trust (And the Premium Trials Worth Trying)
Matt Gonzales
Sep 4, 2025
eSecurity Planet Logo

eSecurity Planet is a leading resource for IT professionals at large enterprises who are actively researching cybersecurity vendors and latest trends. eSecurity Planet focuses on providing instruction for how to approach common security challenges, as well as informational deep-dives about advanced cybersecurity topics.

facebook
linkedin
x

Company

About us Contact us Advertise with us

Categories

Best Products Networks Cloud Threats Trends Endpoint Applications Compliance

Property of TechnologyAdvice. © 2025 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

Terms of Service Privacy Policy California - Do Not Sell My Information