Aqua's Vulnerability Scanning capability allows you to connect your container registries and perform vulnerability scanning to detect known vulnerabilities (CVEs) in your container images.

What is Included in Vulnerability Scanning

The Vulnerability Scanning capability uses the market-leading open source "Trivy by Aqua" scanner. Trivy is an easy-to-use, fast, and comprehensive scanner for container images. For more information about Trivy, see Trivy by Aqua on GitHub or read about Aqua Security's open source commitment.


As new vulnerabilities and exploits are discovered and published every day, scanning a container image once on-push is not enough. Aqua re-scans your images daily to ensure you are always aware of new risks in your container images as soon as they become known. 


Key capabilities:

  • Out of the box integration with common container registries (ECR, ACR, GCR, Docker Hub)
  • Auto-discovery of all container repositories used in your AWS account
  • Daily vulnerability scans and re-scans of your container images
  • Easy to use, accurate security findings based on "Trivy by Aqua" scanner

Keep Reading