Dynamic Threat Analysis

The critical security sandbox layer for containers that weeds out advanced malware designed to activate in production. Advanced malware detection for every entry point from code to cloud.

Expose Advanced Malware Risk
Compliance for Containers
Containerized Apps Protection
Observe how containers behave before production
Pull in external container images and know exactly how they act before risking the production environment.
Achieve compliance with container security standards
Create policies around industry standards like NIST SP 800-218 and enforce container compliance. Verify container images are free of malware, misconfigurations, and vulnerabilities that can compromise the software supply chain.
Protect your containerized applications against attacks
Mitigate the risks of data theft, credential theft, using containers for DDoS, and cryptocurrency resource abuse targeted by Advanced Persistent Threats and polymorphic malware.

Expose Hidden Malware in CI Builds and Registries

Aqua DTA scans designated images directly from your registries and CI pipelines, preventing malicious images from being deployed in production environments, and “shifting left” incident response.

Expose Hidden Malware in CI Builds and Registries

Get Detailed, Actionable Data on Anomalous Container Behavior

Detects clear indicators of compromise (IoCs) such as container escapes, reverse shell backdoors, malware, cryptocurrency miners, and code injection backdoors, and provides full tracing of all activities.

Get Detailed, Actionable Data on Anomalous Container Behavior

Understand Attacks Before They Happen

Aqua DTA classifies detected behaviors into categories of the MITRE ATT@CK framework, enabling SecOps and forensics teams to see the entire kill chain and understand and bolster weaknesses in their security infrastructure.

Understand Attacks Before They Happen

Map Suspicious Network Activity

Tracks and displays on a map all communications between the container and external destinations, including file downloads, C&C servers, and data exfiltration destinations.

Map Suspicious Network Activity