Third-party integrations send alerts from the Aqua to your intended recipient without requiring custom code using 

Aqua APIs.


Supported Third-Party Integrations

The following third-party integrations are available to accounts on the following tiers: Team, Advanced, Premier


Please let us know if you would like an integration that is not on this list.

Permissions

Account users can see the existing integrations in their Aqua account.

Account administrators can create, delete, and update third-party integrations.


Data

The data sent to a third-party integration depends upon the features sending information to it.

  • Scan Reports send a count of passing, warning, failing, unknown, and new risks.
  • Per-Plugin Alerts send failures and warnings related to each plug-in. For example, when the plugin “Root Account In Use” is in a failing state.
  • Per-Event Alerts send failures and warnings related to the security of a changed configuration. For example, when AWS CloudTrail API call “deleteSecurityGroup” was detected.

Aqua can send scan report summaries (a count of passing, warning, failing, unknown, and new risks), as well as per-plugin alerts for scans (e.g. Alert when plugin “Root Account In Use” is in a failing state), or per-event routings (e.g. Alert when AWS CloudTrail API call “deleteSecurityGroup” was detected) for real-time events. For Splunk integrations, Aqua can also send a full copy of the scan results in JSON format.


Integration Source Code

The source code for each third-party integration is available in Aqua Security's open source repo.

It also includes instructions for writing a third-party integration.