Aqua CSPM scan reports contain a wealth of information that can be used to assess the security of your cloud environments.


Accessing Scan Reports

Scan reports can be accessed from the Aqua CSPM dashboard by clicking Scans > Scan Reports. These reports are listed chronologically across all connected cloud environments and can be filtered by cloud, cloud account, group, or date.

Scan Report Summary

Each scan report has a summary overview section which provides at-a-glance information, including:

  • The date the report was run and a summary of the findings
  • An "Aqua Score" (A-F) representing the general security posture of the scanned account
  • A radial chart showing a breakdown of passing and failing results across all severity levels
  • Summary sections highlighting the risks grouped by regions, cloud service categories, and plugins
  • Quick links to export the report as a PDF or CSV

Plugin Breakdown

The scan report breaks out the findings based on the plugin (security control) that produced them. This is helpful for digging into the results of a specific security check. Each summary row can be clicked to expand the result findings. To view a detailed report:

  1. Navigate to Scans > Scan Reports.
  2. Click on the desired cloud account. 

3. Select the Plugin Breakdown tab from the Scan Report page. 

Resource Breakdown

The Resource Breakdown tab presents the same findings and results broken down by specific resource ID. For example, in AWS, these resource names correspond to ARNs. This view is helpful for determining the security posture of a specific resource, such as an EC2 instance or RDS database. Clicking any of the resources will take you to the Detailed Results tab with a filter applied for that resource.

Detailed Results

The Detailed Results tab allows you to drill into any result to see detailed information about the plugin, the security control, and historical information about that check in your cloud account. Click on any result row to expand information.

Suppressed Results

The Suppressed Results tab presents the same information as the Detailed Results tab, but only shows results that have been suppressed. You can click any result to see more details about why the result was suppressed.


The Compliance tab presents the scan report findings in the context of a supported compliance program (e.g. HIPAA or PCI).