Prove Regulatory Compliance

Enforce regulatory compliance controls for PCI, HIPAA, GDPR, and beyond, across the cloud-native application lifecycle

Manage, maintain, and prove compliance

Collect granular, continuous data on images, containers, orchestrators, and hosts, providing granular data streams sent to your choice of SIEM/GRC tool.

Enforce compliance across the stack

Gain real-time visibility and control over the compliance posture of images, containers, hosts and clusters, from development to production.

Easily implement regulatory requirements

Use custom compliance checks in your pipline, and out-of-the-box compliance runtime templates for PCI-DSS, HIPAA, NIST and more.

As organizations deploy applications using containers, serverless functions and other cloud native technologies, they are stepping into uncharted compliance territory. Aqua is here to help - with our purpose-built cloud native compliance controls, full visibility and auditing, and "compliant by default" templates to facilitate compliance and with less hassle.

Event Logging & Reporting

Granular audit trails of access activity, scan events and coverage, Docker commands, container activity, secrets activity and system events

CIS Certified Benchmark Checks

Automatically assess node configurations against Docker and K8s CIS benchmarks using Aqua OSS tools or scheduled testing and reporting.

Global Compliance Templates

Pre-defined compliance runtime policies mapped to specific security standards, such as NIST, CIS, PCI, and HIPAA

Full User Accountability

Enforce granular user accountability and controlled super-user permissions

“Thin OS” Host Compliance

Scan and monitor hosts for vulnerabilities, malware, and login activity, as well as discover and scan images stored on hosts

Compliance Enforcement Controls

Ensure only images and workloads that pass compliance checks are allowed to run in your environment

Streamline compliance with new & changing mandates