Aqua’s CyberCenter feed is updated daily, providing extensive OS and programming language coverage, application dependency detection, and reduction in false positives and false negatives based on proprietary algorithms reconciling multiple sources (NVD, vendor advisories, and Aqua research)
Scan container images and functions in your CI pipeline, alerting on or failing those that violate your policies, providing direct and immediate feedback to developers. Natively integrates with Jenkins, Azure DevOps, Bamboo, GitLab, and more.
Continuously and efficiently scan registries and functions for ongoing visibility into vulnerability and risk posture, applying updated threat intelligence to identify newly affected packages and applications.
Get actionable remediation information for each vulnerability. Follow the instructions to remediate at the source, choose mitigation with Aqua vShield, or acknowledge the vulnerability to defer its remediation for a specified time.
Assess the risk of a layer before reusing it in other images by identifying the vulnerability in one of its components, expose the specific layer of the image and speed up remediation by either update the vulnerable package, or roll back the image to a previous version.
Comprehensively scan VM images, container images and serverless functions for embedded secrets, OSS licensing issues, hidden malware, configuration issues, and over-provisioned permissions. Use Aqua’s flexible assurance policies to set thresholds for each finding that flag artifacts as non-compliant and prevent their progression through the pipeline to production.