TABLE OF CONTENTS


Overview


The Security Reports area of Workload Protection is accessed from the left-hand menu. It comprises these pages:

  • Vulnerabilities
  • Audit
  • CIS Benchmarks


Vulnerabilities


The Vulnerabilities screen:


For a broad understanding of Aqua Image Assurance and protection of your workloads from vulnerabilities, it is recommended that you read the Image Assurance Overview. The topic Vulnerabilities Screen: Operations provides more specific information on what you can do on the Vulnerabilities page.


Audit


Aqua maintains an audit log of several kinds of events: both normal and those indicating security exposures. Reviewing the audit log is often essential for understanding and mitigating security problems in your environment.


Refer to View Audit Events for more information.


CIS Benchmarks


The Center for Internet Security (CIS) maintains several sets of benchmarks to help organizations assess cyber-security threats. These benchmarks are based on an industry consensus of well-defined best practices.


Refer to CIS Benchmarks for more information.


DISA STIG Benchmarks


The Security Technical Implementation Guide (STIG) maintains several sets of benchmarks to help US Federal and government organizations assess cyber-security threats.


The Aqua KubeEnforcer will check the compliance of STIG benchmarks on Kubernetes nodes (hosts) when Aqua users deploy or start the KubeEnforcer again or rescan the nodes manually from UI. Refer to DISA STIG Benchmarks for more information.