Aqua produces image scanning reports, aggregating results from Vulnerability Scanning, and Dynamic Threat Analysis. The reports are detailed and can be used to assess the security posture of your container images.
TABLE OF CONTENTS
Accessing Image Reports
Image reports can be accessed from the Images page under Aqua Image Scanning.
By default, the image reports are listed ordered by the image name and can be ordered and/or filtered by a number of fields, including aqua group, score, compliance indicator, and more.
When selecting an image report, an overview tab is displayed. The overview tab provides at-a-glance information about the scanned image.
The overview tab is divided into three sections, each providing a different insight about the image:
- Compliance Status
- Security Findings
- Image Metadata
The compliance status section provides a high level "Compliant" or "Non-compliant" statement about the image.
The compliance assessment is customizable and depends on the configuration of the Assurance Policies. One or more Assurance Policies might be applicable for an image and this section displays the aggregated summary of all applicable policies. The section includes the following information.
- The overall compliance status: Compliant or Non-Compliant.
- A list of applicable Assurance Policies used for the compliance assessment.
- A list of assurance controls used in the evaluation and status of "passed" or "failed" for each.
This section provides a high-level visualization of findings from the Vulnerability Scanning and Dynamic Threat Accessesment. This section includes the following information.
- An overall Aqua Image Score assign to the image.
- Vulnerability Scanning summary with CVE counts by severity and date the image was last scanned.
- Dynamic Threat Analysis summary with threat counts by severity and date the image was scanned.
This section presents general information about the image, often including its registry name, repository name, label, and its date of creation.