The End-to-End Platform for Container Security
How customers use it
Ongoing Image Risk Assessment
Problem
Aqua ensures images are free from known vulnerabilities, secrets, and configuration errors. DevOps practitioners can gain fast access to actionable remediation information for detected vulnerabilities.
Solution
Aqua integrates security into the CI/CD pipeline to provide image risk analysis and rapid remediation early during the build, enabling you to “fail fast” while avoiding security roadblocks.
Image Assurance Policy Settings & Enforcement
Problem
Ensure that only approved images will run in your environment.
Solution
Aqua’s image assurance provides persistent controls to ensure image integrity throughout its lifecycle, and to prevent unapproved or unvetted images from running.
Protect Workloads in Runtime
Problem
Aqua runtime protection blocks suspicious container activity without stopping or killing the container and detects rogue containers.
Solution
Aqua global runtime controls are applicable to all containers, permitting only legitimate behaviors, to prevent several types of privilege abuse and attack vectors.
Risk Analysis & Compliance
Problem
Aqua generates audit reports to demonstrate regulatory compliance around user/container access and activity. DevSecOps practitioners can perform instant impact analysis to remediate specific vulnerability.
Solution
Aqua facilitates regulatory compliance by automating CIS benchmark testing for both Kubernetes and Docker, scanning images and hosts for malware and vulnerabilities, and collecting granular container-level events for auditing and reporting.
Hardening the Host and Orchestrator Environment
Problem
Aqua ensures the OS and the container engine versions are up to date and fully patched. In additions, Aqua secures the Kubernetes environment and verifies that that access control, networking and authentication are all in check.
Solution
Aqua performs host integrity checks, including vulnerability scan, malware and CIS tests to ensure hosts are secured and that user access is controlled and monitored.