Aqua’s cloud service continues to expand. We are very excited to welcome select customers to a preview program for the new “Secure the Build” capabilities. 

The program introduces new capabilities for discovering threats and vulnerabilities in container images uploaded to private container registries, such as AWS Elastic Container Registry (ECR) before they are run. 

Key Capabilities:

  1. Vulnerability Scanning – Aqua Vulnerability Scanning is a service that scans container images for Known Vulnerabilities (CVEs) to allow security teams to assess potential risks and mitigate them. The service engine is based on the popular open-source project Trivy by Aqua.

  1. Dynamic Threat Analysis – Aqua Dynamic Threat Analysis (DTA) is the industry’s first container sandbox solution to dynamically assess the unknown risks of container images before they run. Aqua DTA runs container images in an isolated sandbox environment that monitors and detects indicators of compromise such as container escapes, malware, crypto miners, code injection backdoors, network anomalies, and more.  

Initial scope: 

The initial scope for the Preview Program includes seamless integration with AWS ECR. Additional types of registries will be added over the next several iterations.