Vulnerability Scanning and Management

Protect cloud native applications by minimizing their attack surface, detecting vulnerabilities, embedded secrets, and other security issues during the development cycle. Gain insight into your vulnerability posture and prioritize remediation and mitigation according to contextual risk.

Shift-left security
Comprehensive, Accurate Results
Risk-based insights
Shift-left security
Aqua automates security testing in your CI/CD pipeline, and continuously scans registries and serverless function stores to detect emerging risks. You get actionable feedback within your CI environments to empower developers to fix issues fast.
Comprehensive, Accurate Results
Aqua relies on a variety of sources and proprietary research to curate and present vulnerabilities in the most accurate way, minimizing false positives and unnecessary noise in the pipeline.
Risk-based insights
Focus on the most important and urgent vulnerabilities to prioritize those that pose the highest risk to your environment, based on the workloads you run, availability of exploits in the wild, and level of exploitability.
Best in Class Vulnerability Intelligence Feed

Aqua’s CyberCenter feed is updated daily, providing  extensive OS and programming language coverage, application dependency detection, and reduction in false positives and false negatives based on proprietary algorithms reconciling multiple sources (NVD, vendor advisories, and Aqua research)

CI/CD Integration

Scan container images and functions in your CI pipeline, alerting on or failing those that violate your policies, providing direct and immediate feedback to developers. Natively integrates with Jenkins, Azure DevOps, Bamboo, GitLab,  and more.

CI/CD Integrations
Scanning Registries and Stored Functions

Continuously and efficiently scan registries and functions for ongoing visibility into vulnerability and risk posture, applying updated threat intelligence to identify newly affected packages and applications.

Vulnerability Management Workflow

Get actionable remediation information for each vulnerability. Follow the instructions to remediate at the source, choose mitigation with Aqua vShield, or acknowledge the vulnerability to defer its remediation for a specified time.

Identifying Vulnerabilities by Image Layer

Assess the risk of a layer before reusing it in other images by identifying the vulnerability in one of its components, expose the specific layer of the image and speed up remediation by either update the vulnerable package, or roll back the image to a previous version.

Scanning Image Layers
Beyond Vulnerabilities

Comprehensively scan VM images, container images and serverless functions for embedded secrets, OSS licensing issues, hidden malware, configuration issues, and over-provisioned permissions. Use Aqua’s flexible assurance policies to set thresholds for each finding that flag artifacts as non-compliant and prevent their progression through the pipeline to production.