Aqua Security provides cloud-native security for the full application lifecycle, protecting containers, serverless functions, and cloud workloads with vulnerability scanning, runtime protection, and compliance enforcement.
Run: Capabilities Using Naftiko
- Cloud Native, Containers, Kubernetes, Runtime Protection, Security, Vulnerability Scanning
- Created: 2026-03-26
- Modified: 2026-04-19
Aqua Security provides cloud-native security for the full application lifecycle, protecting containers, serverless functions, and cloud workloads with vulnerability scanning, runtime protection, and compliance enforcement.
Human URL: https://www.aquasec.com/
- Cloud Native Security, Container Security, Kubernetes, Runtime Protection, Security, Vulnerability Scanning, CSPM, DevSecOps
Trivy is a comprehensive open source security scanner for containers, Kubernetes, code repositories, clouds, and more — finding vulnerabilities, misconfigurations, secrets, and SBOMs.
Human URL: https://trivy.dev/
- Container Scanning, Open Source, Vulnerability Scanner, SBOM, Kubernetes Security
Tracee is a runtime security and forensics tool for Linux that uses eBPF technology to trace system events and detect suspicious behavioral patterns.
Human URL: https://aquasecurity.github.io/tracee/
- eBPF, Runtime Security, Linux Security, Forensics, Open Source
- Portal
- Documentation
- GitHubOrganization
- Blog
- Pricing
- SignUp
- Support
- StatusPage
- TermsOfService
- PrivacyPolicy
- ReleaseNotes
| Name | Description |
|---|---|
| Vulnerability Scanning | Comprehensive scanning of container images, VM workloads, and serverless functions for known CVEs and misconfigurations. |
| Runtime Protection | Real-time protection of running containers and cloud workloads using behavioral analysis and policy enforcement. |
| CSPM | Cloud Security Posture Management to identify and remediate misconfigurations across AWS, Azure, and GCP. |
| Supply Chain Security | Protect the software supply chain by scanning code, open source dependencies, and CI/CD pipelines. |
| Kubernetes Security | Native Kubernetes security including admission control, runtime policies, and compliance benchmarks. |
| Compliance Enforcement | Automated compliance checks against CIS, PCI-DSS, HIPAA, NIST, and other regulatory frameworks. |
| Secrets Detection | Detect and prevent secrets and credentials from being embedded in container images and code repositories. |
| Network Policy | Visualize and enforce container network connectivity and micro-segmentation policies. |
| Name | Description |
|---|---|
| Container Security | Secure Docker and OCI containers throughout the build-to-runtime lifecycle. |
| Kubernetes Security | Enforce security policies, runtime protection, and compliance for Kubernetes clusters. |
| Serverless Security | Protect AWS Lambda, Azure Functions, and Google Cloud Functions from vulnerabilities and runtime attacks. |
| DevSecOps | Integrate security scanning into CI/CD pipelines to shift security left and prevent vulnerabilities from reaching production. |
| Cloud Workload Protection | Protect VMs and cloud workloads across multi-cloud environments from threats and misconfigurations. |
| SBOM Generation | Generate Software Bill of Materials (SBOM) for container images and code repositories to understand component risk. |
| Name | Description |
|---|---|
| AWS | Native integrations with AWS ECS, EKS, Lambda, ECR, Security Hub, and other AWS services. |
| Azure | Integrations with Azure Kubernetes Service, Azure Container Registry, and Azure Security Center. |
| Google Cloud | Support for GKE, Google Container Registry, and Cloud Run on Google Cloud Platform. |
| GitHub Actions | Trivy GitHub Action for automated vulnerability scanning in CI/CD workflows. |
| Jenkins | Jenkins plugin for container image scanning and policy enforcement in pipelines. |
| Terraform | Terraform provider for declarative management of Aqua Security platform configuration. |
| Helm | Official Helm charts for deploying Aqua Security components on Kubernetes. |
| Splunk | Integration with Splunk for centralized security event logging and SIEM. |
| PagerDuty | Alert routing to PagerDuty for runtime security event notifications. |
| Slack | Security alert notifications delivered to Slack channels. |
Machine-readable API specifications organized by format.
- Login Request
- Login Response
- Image
- Image Detail
- Image List
- Image Request
- Container
- Container List
- Policy
- Policy List
- Policy Request
- Registry
- Registry List
- User
- User List
- Vulnerability Counts
- Error Response
- Aqua Security Vocabulary — Unified taxonomy mapping 6 resources, 8 actions, 0 workflows, and 3 personas across operational (OpenAPI) and capability (Naftiko) dimensions
- Aqua Security Spectral Rules — 28 rules across 13 categories enforcing Aqua Security API conventions
FN: Kin Lane
Email: kin@apievangelist.com