The Aqua Hub module includes the following functionality. Click the links to see complete documentation on the Aqua Platform Documentation Portal.

  • Dashboards:

    • The Overview Dashboard displays the number of resources (code repositories, images, and functions), workloads (containers, VMs, and Kubernetes resources), and the security issues detected across them.

    • The Image Vulnerabilities Dashboard is designed to give you a comprehensive view of the vulnerabilities found in your container images.

  • The Inventory presents a complete list of your resources. It allows you to filter the list by resource type, risk type, and/or severity, in any combination. You can also drill down to see details of each resource and its risks.

  • The Insights screen shows the security risks (malware, vulnerabilities, sensitive data, and compound risks) discovered in your resources, and groups them by type for more effective analysis.

  • The Incidents screen shows the following types of security events of critical and high severity: behavioral detection, malware detection, and runtime control.

  • The Compliance screen allows you to access reports on the compliance of cloud infrastructure with industry standards and compliance controls.

  • The Vulnerabilities screen allows you to view the list of vulnerabilities found by Aqua when scanning your images, serverless functions, VMs (hosts), and code repositories.

  • The Audit screen allows you to review the audit log security-related events: both normal and those indicating security exposures.

  • The Response Policies screen allows you to configure Response Policies to detect specific events in Aqua and send event notifications to external notification systems, such as JIRA, Microsoft Teams, email, and Slack.

  • In Integrations, you can connect Aqua to a wide variety of cloud accounts, container image registries, serverless functions, and notification systems. Once an integration is performed, Aqua will scan and analyze its resources for security issues, allow you to mitigate these issues, provide you with the means for run-time protection of the resources, and send the event notifications to the external notification systems which may require an action.