TABLE OF CONTENTS
This document explains direct scanning mode, which is deployed to scan images. In this process, the scanner pulls image directly from a registry, and scans it as a file. This is a default mode for the image scanning and does not need any configurations.
Data caching and privacy
When Aqua scans an image for the first time, it caches analysis-related metadata in the Aqua CyberCenter. For more information, refer to Data Sent to CyberCenter. When the image is re-scanned, Aqua employs the cached metadata to avoid redundant analysis of the same image. However, scanning (and re-scanning) results are always up-to-date with respect to the latest available information on vulnerabilities.
Aqua caches fast scanning metadata on a best-efforts basis. Due to cost considerations, Aqua may limit the amount of data cached in the CyberCenter. If there is no metadata for the image being scanned, the scanning time will be the same as first-time scanning.
To ensure each customer's data privacy, Aqua caches the scanning analysis metadata in a separate, dedicated area for each customer. This data cannot be accessed by Aqua or anyone else for use with any other customer.