TABLE OF CONTENTS

Overview

Aqua can send image scan results to external systems. These systems must be integrated with Aqua using a Webhook. After the external system is integrated, Aqua sends image scanning results via Webhook in the JSON format. The application should be configured to receive these results, interpret them, and populate/analyze on its UI.


Integrate your application using Webhook

To integrate your application with Aqua to receive image scan results:

  1. Navigate to Settings > Image Scan Results Webhook
  2. Select the Enable sending image scan results to webhook checkbox.
  3. Enter URL for the Webhook connection.
  4. Click Save.


Once integrated, image scan results are sent to the integrated application in the JSON format.

Format of the image scan results (JSON)

Aqua sends image scan results to an external system through Webhook in the JSON format. The application should be configured to receive these results and interpret them.


The information is relatively self-explanatory. Here are some snippets in order to help you understand the content of the results.


In the image scan results, you can header information which contains general information about the image scan as shown below:

{
  "image": "mongo:jessie",
  "registry": "Docker Hub",
  "scan_started": {
    "seconds": 1535035117,
    "nanos": 533634976
  },
  "scan_duration": 41,
  "image_size": 367629404,
  "digest": "074f542607917783e3c7f9e8dc9ed1b550e8f3fa169ba5f76af6896fd60f0de6",
 
 ...


Image scan results

You can see the summary of image scan results as shown below:

"image_assurance_results": {
    "disallowed": true,
    "audit_required": true,
    "policy_failures": [{
      "policy_id": 1,
      "policy_name": "Default",
      "blocking": true,
      "controls": ["max_severity"]
    }],
    "checks_performed": [{
      "failed": true,
      "policy_id": 1,
      "policy_name": "Default",
      "control": "max_severity",
      "maximum_severity_allowed": "high",
      "maximum_severity_found": "high",
      "maximum_fixable_severity_found": "high"
    }]
  },
  "vulnerability_summary": {
    "total": 27,
    "high": 8,
    "medium": 16,
    "low": 3,
    "negligible": 21,
    "sensitive": 0,
    "malware": 0,
    "score_average": 5.6777782,
    "max_score": 10,
    "max_fixable_score": 10,
    "max_fixable_severity": "high"
  },

As shown in the image scan result above, the scanned image was disallowed, per the image assurance policy. Successive rows provide the policy failures, the number of occurrences of each kind of vulnerability.