Another new arrival on the AWS Marketplace. Aqua Security has just unveiled their pay-per-scan offering that allows customers to ensure that their container images are free of common security issues.
This on-demand service scans for known vulnerabilities, as well as sensitive data and configuration errors on containers used on the Amazon Web Services platform.
It works for customers that build, store, and manage container images, both on AWS and on-premises.
The company claims that this new service offers customers a fast, convenient, and cost-effective solution to identify vulnerability and security issues in container images before they are run, thereby simplifying container security.
Ran Nahmias, Senior Director of Cloud & Strategic Initiatives, Aqua Security:
“We are excited to be the leading technology company to provide an easy-to-use vulnerability scanning service for AWS ECS users. The easier we make it for developers to scan images, the more receptive they will be to incorporating additional security controls. Every step counts, and we appreciate Amazon’s support of our vision to make security ubiquitous throughout the application delivery lifecycle.”
Once prompted by the user, the vulnerability scanner automatically connects to the user registry, and scans the desired images on demand.
Its core functionality includes the ability to scan Docker images that are stored on AWS Container Registry, as well as other private registries for known vulnerabilities, secrets, and configuration risks. It scans both the OS package and numerous languages including Java, Python, C, C++, PHP, and Ruby.
Users are provided vulnerability scores and severities, and the scanner delivers actionable mitigation information to developers so that they can fix security flaws.
Pricing start at 29 cents per scan, with higher volume pricing and trial licenses available on request from Aqua. The service itself can be accessed from the AWS Marketplace here.