TABLE OF CONTENTS
Aqua Security provides full lifecycle security for containerized applications, running either on Linux or Windows hosts. The overall goal of full container lifecycle security is the deployment of applications that ensure the security of your applications' operations, data, and computing infrastructure.
Aqua Image Assurance covers the first part of the container lifecycle: image development. The Image Assurance subsystem detects, assesses, and reports security issues in your images. Next, Aqua provides different forms of risk management, based on your preferences:
- Aqua can block the deployment of containers based on images with security issues
- Alternatively, it can help you mitigate the risk of deploying such containers based on images with known risks.
- (Applicable to Advanced plan only) Through Risk-based Insights, Aqua can also identify running containers based on images with vulnerabilities and known exploits "in the wild"
This topic describes the image assurance activities performed by Aqua throughout the image development lifecycle.
Image assurance activities
You can integrate Aqua images in the pipelines of your external CI/CD systems. If Aqua determines that an image is non-compliant with your organization's image assurance policies, Aqua can report the related build step to the CI/CD system as failed.