Pay-Per-Scan Offering Allows Customers to Ensure Images are Free of Common Security Issues such as Known Vulnerabilities, Sensitive Data and Configuration Errors
Nov 15, 2017, Tel Aviv, Israel – Aqua Security today announced that it’s launched a pay per scan, on-demand vulnerability scanning service for Amazon Web Services (AWS) customers that build, store, or manage container images on AWS or on-premises. Aqua’s pay-per-scan service offers a fast, convenient and cost-effective way for AWS customers to identify vulnerabilities and security issues in container images before they are run.
“We are excited to be the leading technology company to provide an easy-to-use vulnerability scanning service for AWS ECS users,” said Ran Nahmias, Senior Director of Cloud & Strategic Initiatives, Aqua Security. “The easier we make it for developers to scan images, the more receptive they will be to incorporating additional security controls. Every step counts, and we appreciate Amazon’s support of our vision to make security ubiquitous throughout the application delivery lifecycle.”
Aqua’s On Demand Vulnerability Scanner – How it Works:
Once prompted by the user, Aqua’s vulnerability scanner automatically connects to the user’s registry (ECR or other registries) and scans the desired images on demand. Users are charged via their AWS account. Some of its core functionality includes:
- Scans Docker images stored in AWS Container Registry (ECR) as well as on other private registries for known vulnerabilities, secrets, and configuration risks
- Scans both OS packages (RPM, Deb, Alpine) and numerous languages including Java, NodeJS, Python, C/C++, PHP, and Ruby
- Triangulates multiple public, vendor-issued and proprietary CVE data streams to maximize coverage and minimize false positives
- Lists all image packages and layer history
- Detects sensitive data and secrets embedded in Docker images
- Provides vulnerability scores and severities
- Delivers actionable mitigation information to developers, enabling them to fix security flaws
Availability and Pricing:
The Aqua Vulnerability Scanner for AWS is available now on the AWS Marketplace
Pricing starts at 29 cents per scan. Higher volume pricing and trial licenses are available on request from Aqua.
- Aqua Blog: How Aqua Scans Container Images On Demand on AWS
- Aqua Security Scanner on the AWS Marketplace
- Aqua Container Security for AWS ECS
About Aqua Security
Aqua Security enables enterprises to secure their virtual container environments from development to production, accelerating container adoption and bridging the gap between DevOps and IT security. Aqua’s Container Security Platform provides full visibility into container activity, allowing organizations to detect and prevent suspicious activity and attacks in real time. Integrated with container lifecycle and orchestration tools, the Aqua platform provides transparent, automated security while helping to enforce policy and simplify regulatory compliance. Aqua was founded in 2015 and is backed by TLV Partners, Microsoft Ventures, and IT security leaders, and is based in Israel and San Francisco, CA. For more information, visit www.aquasec.com or follow us on twitter.com/AquaSecTeam.