Within an image report, the DTA tab includes a detailed analysis of dynamic or unknown risks found in container images and can assist in addressing security threats that are not discovered by other security tools. 


Accessing The DTA Report

The DTA tab can be accessed from the Image Report under Aqua Image Scanning

  1. Locate and view the Image Report as described in Image Report Overview
  2. Navigate to the Dynamic Threat Analysis tab and view the report


The DTA tab provides an at-a-glance view of the findings discovered by the DTA scanning job. 

The report is divided into three parts.

  • A list of tiles is displayed, grouping the findings into DTA categories. Clicking on tile filters the results by that category. 
  • A list of findings.
  • A map of the world, which provides a simple visualization of outbound network activities performed by the image during the analysis. 

DTA Detailed View

Additional information on individual DTA finding can be found by clicking on each line in the report.

  • The type of risk, in the example below "Known Malware detected in container image".
  • DTA and MITRE category
  • Evidence. In the included example, the evidence includes the file name containing the malware, and the name of the malware.