Aqua Security
Aqua Security provides cloud-native security for the full application lifecycle, protecting containers, serverless functions, and cloud workloads with vulnerability scanning, runtime protection, and compliance enforcement.
APIs
Aqua Security
Trivy
Trivy is a comprehensive open source security scanner for containers, Kubernetes, code repositories, clouds, and more — finding vulnerabilities, misconfigurations, secrets, and ...
Tracee
Tracee is a runtime security and forensics tool for Linux that uses eBPF technology to trace system events and detect suspicious behavioral patterns.
Features
Comprehensive scanning of container images, VM workloads, and serverless functions for known CVEs and misconfigurations.
Real-time protection of running containers and cloud workloads using behavioral analysis and policy enforcement.
Cloud Security Posture Management to identify and remediate misconfigurations across AWS, Azure, and GCP.
Protect the software supply chain by scanning code, open source dependencies, and CI/CD pipelines.
Native Kubernetes security including admission control, runtime policies, and compliance benchmarks.
Automated compliance checks against CIS, PCI-DSS, HIPAA, NIST, and other regulatory frameworks.
Detect and prevent secrets and credentials from being embedded in container images and code repositories.
Visualize and enforce container network connectivity and micro-segmentation policies.
Use Cases
Secure Docker and OCI containers throughout the build-to-runtime lifecycle.
Enforce security policies, runtime protection, and compliance for Kubernetes clusters.
Protect AWS Lambda, Azure Functions, and Google Cloud Functions from vulnerabilities and runtime attacks.
Integrate security scanning into CI/CD pipelines to shift security left and prevent vulnerabilities from reaching production.
Protect VMs and cloud workloads across multi-cloud environments from threats and misconfigurations.
Generate Software Bill of Materials (SBOM) for container images and code repositories to understand component risk.
Integrations
Native integrations with AWS ECS, EKS, Lambda, ECR, Security Hub, and other AWS services.
Integrations with Azure Kubernetes Service, Azure Container Registry, and Azure Security Center.
Support for GKE, Google Container Registry, and Cloud Run on Google Cloud Platform.
Trivy GitHub Action for automated vulnerability scanning in CI/CD workflows.
Jenkins plugin for container image scanning and policy enforcement in pipelines.
Terraform provider for declarative management of Aqua Security platform configuration.
Official Helm charts for deploying Aqua Security components on Kubernetes.
Integration with Splunk for centralized security event logging and SIEM.
Alert routing to PagerDuty for runtime security event notifications.
Security alert notifications delivered to Slack channels.