Aqua's Image Scanning capability allows you to connect your container registries and perform vulnerability scanning and dynamic threat analysis, to detect and mitigate known and unknown risks in your container images.

What is included in Image Scanning

The main parts of Image Scanning include:

  1. Vulnerability Scanning (VS)
    Scan your container images to detect known vulnerabilities (CVEs) and other security issues during the development cycle. Gain insights into your vulnerability posture and prioritize remediation and mitigation according to contextual risk. Learn more about Vulnerability Scanning.
  2. Dynamic Threat Analysis (DTA)
    The industry’s first container sandbox solution that dynamically assesses the risks of container images before they run in your production environments. DTA runs your container images in an isolated sandbox environment that monitors and detects Indicators Of Compromise (IOC) such as container escapes, malware, crypto miners, code injection backdoors, network anomalies, and more. Learn more about DTA.

Supported Container Registries

The following container registries are officially supported.

  • Amazon Elastic Container Registry
  • Azure Container Registry
  • Google Container Registry
  • Docker Hub

Navigate to Image Scanning

Navigation to the Image Scanning capability is done from the mega-menu button located on the left side corner of any Aqua page.

Once you click on the navigation button, a mega-menu popup will be displayed with Vulnerability Scanning and Dynamic Threat Analysis options. Here you may also navigate back to the Cloud Security Posture Management (CSPM) features. 

Keep Reading